The Introduction to Web Application Security training is aimed at creating security awareness to anyone in your development team and to learn basic security checks that functional testers can execute in their normal test cycle.
Security failures get more and more attention in the media because the impact becomes ever bigger. Organizations become more dependent on digital workflows and disruptions to these workflows can cause ever larger losses. These losses can be financial, but also with regards to reputation, customer satisfaction and even safety!
Every organisation that creates software should think about security. Unfortunately, this is often still not the case. Many people think security testing is some kind of wizardry that can only be understood by ‘gurus’. This is not the case.
This training is focused on all members of your development team (testers, developers, but also product owners, business analysts, helpdesk and others). It teaches the basic concepts of security and how prevent security mistakes from being made. It is a highly practical training with examples, exercises and discussions on security aspects with a focus on Web Applications.
You will learn that security is the responsibility of all, permeates to all levels of the software development effort. Many security failures can be prevent with basic security measures that can be implemented with limited technical knowledge.
Why is security important
Where are the security problems
Security test process
How to test security
What is OWASP?
Broken Authentication and Session Management
Sensitive Data Exposure
XML External Entities (XXE)
Broken Access Control
Cross Site Scripting (XSS)
Using Known Vulnerable Components
Insufficient Logging & Monitoring
8 GB of hardware memory
64 GB free disk space (at least)
Wireless (802.11) network adapter
USB ports (not restricted)
BIOS / processor support for Virtualization
Microsoft Windows 7 or later as the host operating system
Students must be local administrator of this host operating system
Students must know all BIOS or other passwords used on the system
No Group Policy Objects (GPOs) or other similar OS restrictions should be in place, ideally this laptop should not be a member of any domain prior to class.
To subscribe, or request more information, please fill in the form below or send an email to firstname.lastname@example.org