X

Certified Cyber Defender | Secure Web Development Expert

Certified Cyber Defender | Secure Web Development Expert ™

Register Now Customize Training

  • Overview
  • Course Outline
  • Target Audience
  • Fees

What Will Be Taught For This Secure Web Development Expert Course?

In today’s context, the assets of a company that operates a website such as Lazada, Amazon and Carousell etc. is not the number of servers or offices but the information or data that are kept in the database such as credit card and identity information. If you have assets of importance or anything about your site puts you in the public spotlight then your web security will be tested.

Technically, the very same programming that increases the value of a web site, namely interaction with visitors, also allows scripts or SQL commands to be executed on your web and database servers in response to visitor requests. Any web-based form or script installed at your site may have weaknesses or outright bugs and every such issue presents a web security risk.

This course will equip and teach you how websites are being attack through applications and will also give you the knowledge and skills to implement and write secure code that will safe guard your websites.

Learning Outcome

In this course, you will be able to identify the vulnerabilities in your code and how these vulnerabilities are being exploited by the attackers on your website and learn how to defend against such attacks.

You will be able to:

  • Identify security threats and vulnerabilities.
  • Understand and explain how these security threats and vulnerabilities works
  • Learn how to implement defense mechanisms to such security threats and vulnerabilities
Module 1: Introduction to Web Application Security
  • Web Application Security Misconception
  • What Is Web Application Security?
  • Why Web Application Security Is Important?
Module 2: Defending Against SQL Injection Attack
  • Categorize and explain various types of SQL injection attacks
  • Describe coding and design strategies for avoiding SQL injection attacks
  • Apply coding standards to eliminate SQL injection vulnerabilities
Module 3: Defending Against Cross Site Scripting Attack
  • Web Application Security Misconception
  • What Is Web Application Security?
  • Why Web Application Security Is Important?
Module 4: Defending Against Broken Authentication and Session Management
  • Understand What is Broken Authentication and Session Management
  • Describe the impact of Broken Authentication and Session Management
  • Understand How Broken Authentication and Session Management Works
  • Defending against Broken Authentication and Session Management
Module 5: Defending Against Cross Site Request
  • Understand What is Cross Site Request Forgery
  • Describe the impact of Cross Site Request Forgery
  • Understand How Cross Site Request Forgery Attack Is Carried Out
  • Defending against Cross Site Request Forgery Attack
Module 6: Defending Against Unvalidated Redirects and Forwards Attack
  • Understand What is Unvalidated Redirects and Forwards
  • Describe the impact of Unvalidated Redirects and Forwards
  • Understand How Unvalidated Redirects and Forwards Works
  • Defending against Unvalidated Redirects and Forwards
Module 7: Defending Against Missing Function Level Access Control
  • Understand What is Missing Function Level Access Control Attack
  • Describe the impact of Missing Function Level Access Control
  • Understand How Missing Function Level Access Control Works
  • Defending against Missing Function Level Access Control Attack
Module 8: Defending Against Sensitive Data Exposure
  • Understand What is Sensitive Data Exposure
  • Describe the impact of Sensitive Data Exposure
  • Defending against Sensitive Data Exposure
Module 9 – Defending Against Insecure Deserialization Attack
  • Understand What is Insecure Deserialization
  • Describe the impact of Insecure Deserialization
  • Understand How Insecure Deserialization Works
  • Defending against Insecure Deserialization
Module 10: Defending Against Using Components with Known Vulnerabilities
  • Understand What is Using Components with Known Vulnerabilities
  • Describe the impact of Using Components with Known Vulnerabilities
  • Defending against Unknown Vulnerable Components
Module 11: Defending Against Insecure Direct Object
  • Understand What is Insecure Direct Object Reference
  • Describe the impact Insecure Direct Object Reference
  • Understand How Insecure Direct Object Reference Works
  • Defending against Insecure Direct Object Reference
Module 12: Defending Against XML External Entities(XXE) Attack
  • Understand What is XML External Entities (XXE)
  • Describe the impact of XML External Entities (XXE) Attack
  • Understand How XML External Entities (XXE) Attack Works
  • Defending against XML External Entities (XXE) Attack
Module 13: Defending Against Security Misconfiguration
  • Understand What is Security Misconfiguration?
  • Describe the impact of Security Misconfiguration
  • Defending against Security Misconfiguration
Module 14: Defending Against Insufficient Logging and Monitoring
  • Understand What is Insufficient Logging and Monitoring Malpractices
  • Describe the impact of Insufficient Logging and Monitoring Malpractices
  • Explain the differences between logging and monitoring
  • Defending against Insufficient Logging and Monitoring Malpractices

Who Should Attend This Secure Web Development Expert Training?

This course is targeted toward the web developers, Project Managers, or anyone with working experience developing web applications using languages such as PHP, .NET, Ruby, Java or Python.

  w/o GST w GST
Course Fee $2,500 $2,675
Promo Fee $1,500 $1,605
 

Terms & Conditions

  • All prices stated above are in Singapore Dollars (SGD).
  • This promotion is valid for course registrations and payments made in full before 31 December 2018 and course attendance before 31 December 2018.
  • ST Electronics (e-Services) reserves the right to change the date or venue without prior notice.
  • ST Electronics (e-Services) reserves the right to cancel or reschedule the course due to class size or unforeseen circumstances.

 

 

 

Course Dates
  OCT: 22-24
  NOV: 26-28
  DEC: 17-19

  Duration: 3 days
  Time: 9am to 5pm