What Will Be Taught in This Web Application Security Course?
This course is designed for organizations that develop software and need to comply with a variety of complex, ever-changing regulations.
The Processes – Hands-On Labs on Application Testing & Verification
- One important aspect is to test for application vulnerabilities. During this practical hands-on session, an introduction is provided together with some test cases from the OWASP Broken Web Applications project.
- Reference materials include:
  - OWASP's Application Security Verification Standard (ASVS)
  - OWASP Testing Guide
  - OWASP's Enterprise Security API (ESAPI)
- OWASP's Application Security Verification Standard (ASVS) contains over 120 items, but due to time constraints, the hands-on lab will focus only on the following most relevant details with over 83 major controls:
The Technology - Tools might include the following:
OWASP Broken Web Applications
WebApp Vulnerability Scanner:
Selected Firefox plugins
OWTF (Offensive Web Testing Framework)
Web application security is a moving target. New vulnerabilities and threats are discovered regularly. The following resources should provide you with enough pointers to serve both as reference and for further research:
Web Application Firewall with Apache ModSecurity
Log Files Analysis with Splunk
This 2-day hands-on course is specially designed to equip participants with knowledge of:
- How hackers attack web applications
- How to test and verify your applications to determine whether they are vulnerable (with a focus on the OWASP Top 10).
Who Should Attend This Web Application Training?
- This training is highly recommended for Application Project Managers and Application Owners who outsource the development of the applications, or as a metric to assess the level of trust in their vendors.
- Developers who are interested in learning about securing their cyber applications, such as what security controls to implement in the design to satisfy application security requirements.
- Organisations that are involved in software development and need the necessary training and insights to comply with a wide array of complex regulations.