Training - OWASP Top Ten in practice

Description

Web applications are constantly exposed to the risk of attacks. The damage caused by a successful attack can be enormous. Just one vulnerability can be enough.

In this training course, you will learn how to detect and fix vulnerabilities in web applications. In practical small group exercises, you will take on the role of the attacker and learn how to exploit vulnerabilities. This will give you a deeper understanding of how these attacks work in practice. We will be guided by the OWASP Top Ten, a list of the biggest security risks for web applications.

Once we have identified a vulnerability together, we will explain where exactly the problem lies and discuss appropriate preventive and countermeasures.

Agenda

OWASP Top Ten
Focus & Exercise: Security Misconfiguration & Broken Authentication
Focus & Exercise: Broken Access Control & Cryptographic Failures
Focus & Exercise: Injection Attacks
Focus & Exercise: Insecure Deserialization & Components with known vulnerabilities
Effective Countermeasures

Your Benefits

The knowledge you learn is applicable, regardless of technologies and programming languages.

Learn how to identify and fix vulnerabilities in your own applications.

Better prevention of attacks through a deeper understanding of attack methods and effective security measures

Audience

Software developers and architects

Training Objectives

Understanding the OWASP top ten vulnerabilities and how they can be exploited

Understand the attacker’s perspective

Know how to identify vulnerabilities in web applications

Recognize security pitfalls in architecture and implementation

Integrate effective countermeasures into web applications

Your Trainers

Christoph Iserlohn

INNOQ

Scalability and security, host of INNOQ’s Security Podcast

Flexible architectures
OWASP Top Ten in practice
Securing legacy software
Web Security

Christoph Iserlohn is a senior consultant at INNOQ. He has many years of experience in the development and architecture of distributed systems. His main focus is on the topics of scalability, availability, and security.

Felix Schumacher

INNOQ

IT-Security

OWASP Top Ten in practice
Web Security

Felix ist Senior Consultant bei INNOQ. Er beschäftigt sich gerne mit IT-Sicherheit, testgetriebener Entwicklung und dem Betrieb und der Weiterentwicklung bestehender Systeme.

Technical Information and Books

INNOQ Security Podcast

In this podcast series we talk about IT security fundamentals and more. Podcast

In-House Training

You can also book this training as an in-house training course exclusively for your team. Please use the enquiry form for more details.

Enquire now

Relevant Other Training Courses

Web Security

Develop Secure Web Applications

Technology 20

Methodology 10

Communication —

from 2,025 €

iSAQB^® Module WEBSEC

Would you like to learn more about the basics of web security? Then you've come to the right place.

-- Description

-- Agenda

-- Your Benefits

-- Audience

-- Training Objectives

-- Your Trainers