OWASP Top Ten Vulnerabilities
Czas trwania
24
hours
Lokalizacja
Online
Język
English
Kod
SECR-005
Szkolenie dla #uczestników# lub większej liczby osób?
Dostosuj treningi
dla Twoich konkretnych potrzeb
Opis
The course is aimed at developers, QA’s, Architects, Business Analysts and Security Analysts and contains a detailed description of the top ten security vulnerabilities provided by OWASP for web applications. The description of every vulnerability includes the theoretic basis of the vulnerability as well as various ways in which it can be exploited.We will also talk about bad practices and common development mistakes in the source code, testing and detection methods as well as prevention strategies. Every vulnerability is explained from a business point of view – what damage can occur and where, when the vulnerability is exploited.
Po ukończeniu kursu na formularzu Luxoft Training
wydawany jest certyfikat
wydawany jest certyfikat
Cele
- The theoretical basis of the vulnerability
- Exploiting the vulnerability
- Common development mistakes
- Testing and detection methods
- Prevention strategies
Grupa docelowa
- Developers
- QA’s
- Architects
- Business-Analyst
Warunki wstępne
- Web basics
- Basic skills in Web application development and testing
Plan działania
- Injections
- Cross-Site Scripting
- Broken Authentication and Session Management
- Insecure Direct Object References
- Cross-Site Request Forgery
- Security Misconfiguration
- Insecure Cryptographic Storage
- Failure to Restrict URL Access
- Insufficient Transport Layer Protection
- Unvalidated Redirects and Forwards