Defending Web Applications Security Essentials
DEV522: Defending Web Applications Security Essentials is intended for anyone tasked with implementing, managing, or protecting Web applications. It is particularly well suited to application security analysts, developers, application architects, pen testers, and auditors who are interested in recommending proper mitigations to Web security issues, and infrastructure security professionals who have an interest in better defending their Web applications.
The course will cover the topics outlined by OWASP's Top 10 risks document, as well as additional issues the authors found of importance in their day to day web application development practice. An example of the topics that will be covered include:
* infrastructure security
* server configuration
* authentication mechanisms
* application language configuration
* application coding errors like SQL injection and cross site scripting
* cross site request forging
* authentication bypass
* web services and related flaws
* Web 2.0 and it's use of web services
* XPATH and XQUERY languages and injection
* Business logic flaws
The course will cover the topics outlined by OWASP's Top 10 risks document, as well as additional issues the authors found of importance in their day to day web application development practice. An example of the topics that will be covered include:
* infrastructure security
* server configuration
* authentication mechanisms
* application language configuration
* application coding errors like SQL injection and cross site scripting
* cross site request forging
* authentication bypass
* web services and related flaws
* Web 2.0 and it's use of web services
* XPATH and XQUERY languages and injection
* Business logic flaws
Rating
0 vote
Favoured:
0
Listing Details
Vendor
SANS
Website
Pricing Model
Commercial
Modified
Owner
Add'l Info
Location - Worldwide Duration - 6 days
Created