Certified Cyber Defender | Secure Web Development Expert

Overview
Course Outline
Target Audience
Fees

What Will Be Taught For This Secure Web Development Expert Course?

In today’s context, the assets of a company that operates a website such as Lazada, Amazon and Carousell etc. is not the number of servers or offices but the information or data that are kept in the database such as credit card and identity information. If you have assets of importance or anything about your site puts you in the public spotlight then your web security will be tested.

Technically, the very same programming that increases the value of a web site, namely interaction with visitors, also allows scripts or SQL commands to be executed on your web and database servers in response to visitor requests. Any web-based form or script installed at your site may have weaknesses or outright bugs and every such issue presents a web security risk.

This course will equip and teach you how websites are being attack through applications and will also give you the knowledge and skills to implement and write secure code that will safe guard your websites.

Learning Outcome

In this course, you will be able to identify the vulnerabilities in your code and how these vulnerabilities are being exploited by the attackers on your website and learn how to defend against such attacks.

You will be able to:

Identify security threats and vulnerabilities.
Understand and explain how these security threats and vulnerabilities works
Learn how to implement defense mechanisms to such security threats and vulnerabilities

Module 1: Introduction to Web Application Security

Web Application Security Misconception
What Is Web Application Security?
Why Web Application Security Is Important?

Module 2: Defending Against SQL Injection Attack

Categorize and explain various types of SQL injection attacks
Describe coding and design strategies for avoiding SQL injection attacks
Apply coding standards to eliminate SQL injection vulnerabilities

Module 3: Defending Against Cross Site Scripting Attack

Web Application Security Misconception
What Is Web Application Security?
Why Web Application Security Is Important?

Module 4: Defending Against Broken Authentication and Session Management

Understand What is Broken Authentication and Session Management
Describe the impact of Broken Authentication and Session Management
Understand How Broken Authentication and Session Management Works
Defending against Broken Authentication and Session Management

Module 5: Defending Against Cross Site Request

Understand What is Cross Site Request Forgery
Describe the impact of Cross Site Request Forgery
Understand How Cross Site Request Forgery Attack Is Carried Out
Defending against Cross Site Request Forgery Attack

Module 6: Defending Against Unvalidated Redirects and Forwards Attack

Understand What is Unvalidated Redirects and Forwards
Describe the impact of Unvalidated Redirects and Forwards
Understand How Unvalidated Redirects and Forwards Works
Defending against Unvalidated Redirects and Forwards

Module 7: Defending Against Missing Function Level Access Control

Understand What is Missing Function Level Access Control Attack
Describe the impact of Missing Function Level Access Control
Understand How Missing Function Level Access Control Works
Defending against Missing Function Level Access Control Attack

Module 8: Defending Against Sensitive Data Exposure

Understand What is Sensitive Data Exposure
Describe the impact of Sensitive Data Exposure
Defending against Sensitive Data Exposure

Module 9 – Defending Against Insecure Deserialization Attack

Understand What is Insecure Deserialization
Describe the impact of Insecure Deserialization
Understand How Insecure Deserialization Works
Defending against Insecure Deserialization

Module 10: Defending Against Using Components with Known Vulnerabilities

Understand What is Using Components with Known Vulnerabilities
Describe the impact of Using Components with Known Vulnerabilities
Defending against Unknown Vulnerable Components

Module 11: Defending Against Insecure Direct Object

Understand What is Insecure Direct Object Reference
Describe the impact Insecure Direct Object Reference
Understand How Insecure Direct Object Reference Works
Defending against Insecure Direct Object Reference

Module 12: Defending Against XML External Entities(XXE) Attack

Understand What is XML External Entities (XXE)
Describe the impact of XML External Entities (XXE) Attack
Understand How XML External Entities (XXE) Attack Works
Defending against XML External Entities (XXE) Attack

Module 13: Defending Against Security Misconfiguration

Understand What is Security Misconfiguration?
Describe the impact of Security Misconfiguration
Defending against Security Misconfiguration

Module 14: Defending Against Insufficient Logging and Monitoring

Understand What is Insufficient Logging and Monitoring Malpractices
Describe the impact of Insufficient Logging and Monitoring Malpractices
Explain the differences between logging and monitoring
Defending against Insufficient Logging and Monitoring Malpractices

Who Should Attend This Secure Web Development Expert Training?

This course is targeted toward the web developers, Project Managers, or anyone with working experience developing web applications using languages such as PHP, .NET, Ruby, Java or Python.

	w/o GST	w GST
Course Fee	$2,500	$2,675
Promo Fee	$1,500	$1,605

Terms & Conditions

All prices stated above are in Singapore Dollars (SGD).
This promotion is valid for course registrations and payments made in full before 31 December 2018 and course attendance before 31 December 2018.
ST Electronics (e-Services) reserves the right to change the date or venue without prior notice.
ST Electronics (e-Services) reserves the right to cancel or reschedule the course due to class size or unforeseen circumstances.

Course Dates
OCT: 22-24
NOV: 26-28
DEC: 17-19
Duration: 3 days Time: 9am to 5pm