Code: CNT1304

Introduction

This course aims to improve participants' understanding of web application vulnerabilities and to provide education on how to apply the correct security measures to defend web assets. The course will raise awareness of web attacks and cover the most critical vulnerabilities, based on the top 10 most critical security risks to web applications per the Open Web Application Security Project (OWASP) standard.

Course content

  • Risks and threats
    • International legislation
    • Types of attacks according to web architectures

 

  • Analysis and research of vulnerabilities
    • Methods to obtain information
    • Using the ethical hacker toolkit
    • Authentication
    • Session mechanism
    • Access control
    • Injection (SQL, OS command)
    • Encryption
    • Attack by injection of XSS and CSRF code
    • Best practices on the use of frameworks and libraries

 

  • Security rules
    • Protection of architectures and operating systems
    • Strengthen authentication, session mechanisms and access control
    • Apply security on databases
    • Apply encryption protocols (SSL/TLS)
    • Define an input validation strategy to fight against injections
    • Define a secure environment

Learning outcomes

  • Demonstrate an in-depth understanding of the OWASP standard, its concepts and defined critical security risks
  • Gain an understanding of web penetration testing tools, methodology, web application security, vulnerability assessment and analysis

Prerequisites

  • Foundational knowledge of TCP/IP and networking protocols
  • Foundational knowledge of Windows operating systems
  • Foundational knowledge of UNIX/Linux operating systems
  • Foundational knowledge of web application and database programming languages
  • Foundational knowledge of cyber security threats and attack methods

Duration

  • 4 Days

Learning style

  • 50% theoretical
  • 50% practical