NEW Secure Web Applications—SWA 3 days
Transcription
NEW Secure Web Applications—SWA 3 days
encription IT Security and Forensic Services NEW Secure Web Applications—SWA 3 days Web applications remain one of the most profitable areas a malicious attacker may target. In this course an experienced penetration tester will teach you what we find, how we find it and how to protect against these attacks. This will involve looking at a specific piece of code, identifying a security flaw, and implementing a fix for flaws found on the Top 10 and CWE/SANS Top 25 Most Dangerous Programming Errors. Not only are we reviewing the code behind these common errors, we will also instruct attendees in the field of penetration testing so they may identify flaws in web applications. Who is the course designed for? For bookings or enquiries call 0330 100 2345 or email training@encription.co.uk Duration: 3 Days Cost: £1795.00 plus VAT Included in the course: Examination fee and Encription Verified Certificate of Attainment All course material A daily hot lunch & refreshments 2 nights 4* Bed & Breakfast accommodation Free access to on-site gym, pool, sauna, etc Free Wi-Fi and car parking + Developers who want to build more secure web applications Course Objectives + + Software engineers Delegates will have an understanding of: Software architects Whilst the course is focused on software development, the technical content is accessible enough for anyone who is comfortable working with code and wishes to understand web application security from a development perspective. Common Web Application Vulnerabilities Development Management Data Validation Authentication Session Management Offensive Security Qualification Successful candidates will receive an Encription Verified ‘Secure Web Applications’ Certificate of Attainment Encription Limited Encription House Foley Drive Foley Business Park Kidderminster DY11 7PG 0330 100 2345 | www.encription.co.uk Encription IT Security and Forensic Services Pre-requisites: Topics covered: Common Web Application Vulnerabilities Cross-site scripting (XSS) Cross-site request forgery (CSRF) SQL injection HTTP response splitting Parameter manipulation Development management SSDLC Reaching milestones Data Validation Input validation Whitelisting vs. blacklisting Output encoding and escaping Using frameworks and APIs Students should have at least one years experience working with a web programming language and be familiar with SQL Assessment: 1 hour— Multiple Choice paper 1 hour— Practical Assessment Where is the Course and Exam held? Authentication How to use encryption Protecting session ids Basic and Forms Based Authentication Encription’s offices, Kidderminster, Worcestershire, DY11 7PG Session Management Session hijacking Session fixation Course Dates 9th—11th September 2013 Offensive Security Penetration testing methodology Understanding risk, threat and vulnerability Common security models Tool based testing Manual identification of vulnerability For all other courses and dates: http://www.encription.co.uk/training/ Encription house, Foley Drive, Foley Business Park, Kidderminster, DY11 7PG 0330 100 2345 www.encription.co.uk