OWASP Top Ten Vulnerabilities
Duration
24
hours
Location
Online
Language
English
Code
SECR-005
Training for 7-8 or more people?
Customize trainings
for your specific needs
Description
The course is aimed at developers, QA’s, Architects, Business Analysts and Security Analysts and contains a detailed description of the top ten security vulnerabilities provided by OWASP for web applications. The description of every vulnerability includes the theoretic basis of the vulnerability as well as various ways in which it can be exploited.We will also talk about bad practices and common development mistakes in the source code, testing and detection methods as well as prevention strategies. Every vulnerability is explained from a business point of view – what damage can occur and where, when the vulnerability is exploited.
After completing the course, a certificate
is issued on the Luxoft Training form
is issued on the Luxoft Training form
Objectives
- The theoretical basis of the vulnerability
- Exploiting the vulnerability
- Common development mistakes
- Testing and detection methods
- Prevention strategies
Target Audience
- Developers
- QA’s
- Architects
- Business-Analyst
Prerequisites
- Web basics
- Basic skills in Web application development and testing
Roadmap
- Injections
- Cross-Site Scripting
- Broken Authentication and Session Management
- Insecure Direct Object References
- Cross-Site Request Forgery
- Security Misconfiguration
- Insecure Cryptographic Storage
- Failure to Restrict URL Access
- Insufficient Transport Layer Protection
- Unvalidated Redirects and Forwards