Web Application Security

Many of us deploy or develop applications that are connected to the Internet.  How do we know these are secure?  Is it possible to design secure applications to reduce the risk of successful attacks? Unsecure web applications are the most commonly attacked systems on the Internet. These unsecured systems often provide an interface into PHI, PII, or other sensitive data that attackers find lucrative.

This course opens your eyes to the top vulnerabilities in applications and discusses common, but often overlooked, fixes for each. Developing, configuring, and deploying secure applications minimizes attack surface and risk. Our primary objective is to increase awareness on common application vulnerabilities, discuss tactics attackers use to exploit these vulnerabilities, and address mitigation options.

Objectives

  • Understand the fundamentals of Application Security on major platforms
  • Understand application security weaknesses and the techniques used by hackers to exploit these weaknesses
  • Understand how to design and develop applications defensively
  • Learn web application assessment techniques

Audience

This course is for developers, technical managers, incident responders, security professionals and anyone interested in the technical aspects of application security training.

Prerequisites

IT Security Fundamentals or equivalent experience.

Outline

  • IntroductionDesigning Systems for Security
    • Application Security
    • Types of Applications and their vulnerabilities
    • Security Goals
  • Secure Application Design Principles
  • Secure Application Development Techniques
  • Assessing Web Application Security
  • Using Cryptography

Duration

12 Hours (2 Days)

WebSanity Top Secret