Web Applications Security
Presentations, demos, small standalone exercises during the training.
A 1-3 day seminar for developers, testers, QA, team leaders, project managers, database admins, system & network administrators
This training is for
Developers
Team leaders
System & network administrators
Testers
Project managers
QA
Database admins
Agenda
1. Web App Attacks Methodology
Footprint web infrastructure
Attack web servers
Analyze web applications
Attack authentication mechanism
Attack authorization schemes
Attack session management
Perform injection attacks
Attack data connectivity
Attack web app client
Attack web services
2. Web Applications – Common Attacks
Injection
Broken authentication and session management
Cross-Site Scripting (XSS)
Insecure direct object references
Security misconfiguration
Sensitive data exposure
Missing function level access control
Cross-Site Request Forgery (CSRF)
Using components with known vulnerabilities
Unvalidated redirects and forwards
Other threats
3. Attack Detection and Mitigation
4. Integrating Security in the Software Development Lifecycle
Analysis
Development
Testing