-- Description
Web applications are constantly exposed to the risk of attacks. The damage caused by a successful attack can be enormous. Just one vulnerability can be enough.
In this training course, you will learn how to detect and fix vulnerabilities in web applications. In practical small group exercises, you will take on the role of the attacker and learn how to exploit vulnerabilities. This will give you a deeper understanding of how these attacks work in practice. We will be guided by the OWASP Top Ten, a list of the biggest security risks for web applications.
Once we have identified a vulnerability together, we will explain where exactly the problem lies and discuss appropriate preventive and countermeasures.
-- Agenda
-
OWASP Top Ten
-
Focus & Exercise: Security Misconfiguration & Broken Authentication
-
Focus & Exercise: Broken Access Control & Cryptographic Failures
-
Focus & Exercise: Injection Attacks
-
Focus & Exercise: Insecure Deserialization & Components with known vulnerabilities
-
Effective Countermeasures
-- Your Benefits
The knowledge you learn is applicable, regardless of technologies and programming languages.
Learn how to identify and fix vulnerabilities in your own applications.
Better prevention of attacks through a deeper understanding of attack methods and effective security measures
-- Audience
Software developers and architects
-- Training Objectives
Understanding the OWASP top ten vulnerabilities and how they can be exploited
Understand the attacker’s perspective
Know how to identify vulnerabilities in web applications
Recognize security pitfalls in architecture and implementation
Integrate effective countermeasures into web applications
-- Your Trainers
Christoph Iserlohn
INNOQ
Scalability and security, host of INNOQ’s Security Podcast
- Flexible architectures
- OWASP Top Ten in practice
- Securing legacy software
- Web Security
Christoph Iserlohn is a senior consultant at INNOQ. He has many years of experience in the development and architecture of distributed systems. His main focus is on the topics of scalability, availability, and security.
Felix Schumacher
INNOQ
IT-Security
- OWASP Top Ten in practice
- Web Security
Felix ist Senior Consultant bei INNOQ. Er beschäftigt sich gerne mit IT-Sicherheit, testgetriebener Entwicklung und dem Betrieb und der Weiterentwicklung bestehender Systeme.
-- Technical Information and Books
INNOQ Security Podcast
In this podcast series we talk about IT security fundamentals and more. Podcast
In-House Training
You can also book this training as an in-house training course exclusively for your team. Please use the enquiry form for more details.
Enquire now-- Relevant Other Training Courses
from 2,025 €
iSAQB® Module WEBSEC
Would you like to learn more about the basics of web security? Then you've come to the right place.