Web Application Security Foundation

SEC-216

Security is one of the most important requirements of any application, and web application developers face some of the largest security risks. The Open Web Application Security Project gives us the OWASP Top 10 to help guide the secure development of online applications and defend against these threats.

This security workshop was created for developers who wish to better understand the risks associated with web application development and explore useful tools to protect the organization against them.

Target audience and Prerequisites:
Software developers, product managers, architects, operations & devops, IT and QA

Web Applications Security Seminar Topics
  • Understanding the attack surface and the attacker’s point of view:
    Prior to diving into the essentials of defending web applications from common attacks, a short intro will be given on the way an attacker approaches a target web application and the techniques he uses to create his attack surface, including:
    − Crawling
    − Fuzzing
    − Google Hacking
    − and more
  • Common attacks / attack vectors – anatomy & mitigation
    − Client-side attacks: XSS, CSRF
    − Server-side attacks: SQL Injection, Abusing file upload mechanisms
    − Denial of service
    − Bypassing Authentication/Authorization/Session handling Mechanisms
    − Information disclosure
    − OWASP Top 10
  • Useful tools
    − Burp Suite/ZAP