OWASP Top Ten in practice

2 Days

Description

Web applications are constantly exposed to the risk of attacks. The damage caused by a successful attack can be enormous. Just one vulnerability can be enough.

In this training course, you will learn how to detect and fix vulnerabilities in web applications. In practical small group exercises, you will take on the role of the attacker and learn how to exploit vulnerabilities. This will give you a deeper understanding of how these attacks work in practice. We will be guided by the OWASP Top Ten, a list of the biggest security risks for web applications.

Once we have identified a vulnerability together, we will explain exactly where the problem lies and discuss appropriate preventive measures and countermeasures.

Agenda

  • OWASP Top Ten

  • Focus & Exercise: Security Misconfiguration & Broken Authentication

  • Focus & Exercise: Broken Access Control & Cryptographic Failures

  • Focus & Exercise: Injection Attacks

  • Focus & Exercise: Insecure Deserialization & Components with known vulnerabilities

  • Effective Countermeasures

Your Benefits

The knowledge you gain is applicable regardless of technologies and programming languages.

Learn how to identify and fix vulnerabilities in your own applications.

Better prevention of attacks through a deeper understanding of attack methods and effective security measures

Audience

Software developers and architects

Training Objectives

Understand the OWASP Top Ten vulnerabilities and how they can be exploited

Understand the attacker’s perspective

Know how to identify vulnerabilities in web applications

Recognize security pitfalls in architecture and implementation

Integrate effective countermeasures into web applications

Your Trainers

Christoph Iserlohn

INNOQ

Scalability and security, host of INNOQ’s Security Podcast

  • Flexible architectures
  • OWASP Top Ten in practice
  • Securing legacy software
  • Web Security

Christoph Iserlohn is a senior consultant at INNOQ. He has many years of experience in the development and architecture of distributed systems. His main focus is on the topics of scalability, availability, and security.

Felix Schumacher

INNOQ

IT-Security

  • OWASP Top Ten in practice
  • Web Security

Felix is a senior consultant at INNOQ. He enjoys working on IT security, test-driven development, and the operation and further development of existing systems.

Technical Information and Books

INNOQ Security Podcast

In this podcast series we talk about IT security fundamentals and more.

Online Courses

Dates by Request

On-site Courses

In-House Training

You can also book this training as an in-house training course exclusively for your team. Please use the enquiry form for more details.
