IBM - Essentials of Web Application Security

PROKODA Gmbh
In München

750 
Möchten Sie den Bildungsanbieter lieber direkt anrufen?
0221/... Mehr ansehen

Wichtige informationen

  • Seminar
  • Fortgeschritten
  • München
  • Dauer:
    1 Tag
Beschreibung

IBM - Essentials of Web Application Security: This instructor-led, classroom course is intended for the following audience: Web Developers Web Development Managers Quality Assurance Specialists Security Auditors. Kursziele Describe the Web application security problem Understand secure coding concepts Describe the Web Application Security Consortium..
Gerichtet an: This instructor-led, classroom course is intended for the following audience: Web Developers Web Development Managers Quality Assurance Specialists Security Auditors. Kursziele Describe the Web application security problem Understand secure coding concepts Describe the Web Application Security Consortium (WASC) Threat Classifications Describe the Open Web Application Security Project (OWASP) Top Ten Web application security vulnerabilities ...

Wichtige informationen
Veranstaltungsort(e)

Wo und wann

Beginn Lage
auf Anfrage
München
Werner-Eckert-Str.11, 81829, Bayern, Deutschland
Plan ansehen

Häufig gestellte Fragen

· Voraussetzungen

To benefit from this course, students should have the following skills or experience: _x000D_
_x000D_
Basic Web development knowledge _x000D_
HTML _x000D_
HTTP

Themenkreis

KURSZIEL
IBM - Essentials of Web Application Security: This instructor-led, classroom course is intended for the following audience:
  • Web Developers
  • Web Development Managers
  • Quality Assurance Specialists
  • Security Auditors
_x000D_

_x000D_

Kursziele
  • Describe the Web application security problem
  • Understand secure coding concepts
  • Describe the Web Application Security Consortium (WASC) Threat Classifications
  • Describe the Open Web Application Security Project (OWASP) Top Ten Web application security vulnerabilities
  • Understand how simple exploits can be made
  • Implement solutions to the discussed vulnerabilities
  • Understand how Web application vulnerability testing can be implemented in the Software Development Life Cycle (SDLC)
  • Understand how you can use threat modeling techniques such as DREAD (Damage, Reliability, Exploitability, Affected users, and Discoverability) and STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege) to help you identify and prioritize Web application vulnerabilities
_x000D_

ZIELGRUPPE
This instructor-led, classroom course is intended for the following audience:
  • Web Developers
  • Web Development Managers
  • Quality Assurance Specialists
  • Security Auditors
_x000D_

_x000D_

Kursziele
  • Describe the Web application security problem
  • Understand secure coding concepts
  • Describe the Web Application Security Consortium (WASC) Threat Classifications
  • Describe the Open Web Application Security Project (OWASP) Top Ten Web application security vulnerabilities
  • Understand how simple exploits can be made
  • Implement solutions to the discussed vulnerabilities
  • Understand how Web application vulnerability testing can be implemented in the Software Development Life Cycle (SDLC)
  • Understand how you can use threat modeling techniques such as DREAD (Damage, Reliability, Exploitability, Affected users, and Discoverability) and STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege) to help you identify and prioritize Web application vulnerabilities
_x000D_

KURSINHALT
This course is designed to educate Web developers, security auditors, and quality assurance personnel about the Web application security problem. Students will learn about the most critical Web application security vulnerabilities and ways to resolve them, as well as some best practices for integrating Web application security in the software development lifecycle (SDLC)._x000D_

_x000D_

Themenübersicht
  • The Web Application Security Problem
  • Web Application Basics
  • Common Secure Coding Concepts
  • Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF)
  • SQL Injection
  • Malicious File Execution and Insecure Direct Object Reference
  • Information Leakage and Improper Error Handling
  • Broken Authentication and Session Management
  • Insecure Cryptographic Storage and Insecure Communications
  • Failure to Restrict URL Access
  • Integrating Application Security in your SDLC
Hinweise
Die Kurssprache ist deutsch. Das Kursmaterial ist englisch.


VORRAUSSETZUNG
To benefit from this course, students should have the following skills or experience: _x000D_

_x000D_

Basic Web development knowledge _x000D_

HTML _x000D_

HTTP

Vergleichen Sie diesen Kurs mit ähnlichen Kursen
Mehr ansehen