14 hours (usually 2 days including breaks)
The course gives an overview of the applicable security solutions in web applications, focusing on the most important technologies like secure communication and web services, tackling both transport-layer security and end-to-end security solutions and standards like Web Services Security and XML. It also gives a brief overview of the typical programming mistakes, above all connected to missing or improper input validation.
The web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained to avoid the associated problems. Exercises can be easily followed by programmers using different programming languages, thus the web application-related topics can be easily combined with other secure coding subjects, and can thus effectively satisfy the needs of corporate development groups, who typically deal with various languages and development platforms to develop web applications.
Participants attending this course will
- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn client-side vulnerabilities and secure coding practices
- Have a practical understanding of cryptography
- Understand security concepts of Web services
- Get practical knowledge in using security testing tools
- Get sources and further readings on secure coding practices
- IT security and secure coding
- Web application security
- Client-side security
- Client-side security
- Practical cryptography
- Security of Web services
- XML security
- Knowledge sources
To be a hacker to hack website. I think it is very funny.
Ryan Wu, 广东溢达纺织有限公司
Overview + drill down into details. Good diction.
Overview of most among important topics related to software architecture. This training inspired me to learn some of them in depth ;)
Konrad Fuchsig - EY GDS
REST API, C4, Containers, GO Lang, overall architecture descriptions, participants cases
Explanation of the concepts I had no knowledge about. Tutors calm and kind attitude and also his very vast knowledge.
Michał Kowalczyk - EY GDS
- The way trainer presented topic - Amount and quality of topics
Practical examples and possibility to try how web injections are functioning from the other side - not user but attacker side.
Jessica Wierzbicka - EY GDS
Lots of examples, exercises and use cases. Trainer voice and presentation speed was excellent.
The trainer was very experienced and was always willing to share his knowledge and experience.
The hands-on labs were excellent.
Dr. Farhan Hassan Khan - TDM GROUP
Trainers command in his field
Adnan ul Husnain Hashmi - TDM GROUP
We also do Consultancy!
We work with leading clients across a wide range of technologies!
Reach out for Project | Staff Enhancement | System Audit Consulting