OWASP Top Ten Vulnerabilities
Продолжительность
24
часы
Місцезнаходження
Онлайн
Мова
Англійська
Код
SECR-005
Тренінг для 7-8 чи більше людей?
Налаштуйте тренінги
для ваших конкретних потреб
опис
The course is aimed at developers, QA’s, Architects, Business Analysts and Security Analysts and contains a detailed description of the top ten security vulnerabilities provided by OWASP for web applications. The description of every vulnerability includes the theoretic basis of the vulnerability as well as various ways in which it can be exploited.We will also talk about bad practices and common development mistakes in the source code, testing and detection methods as well as prevention strategies. Every vulnerability is explained from a business point of view – what damage can occur and where, when the vulnerability is exploited.
Після проходження курсу видається сертифікат
на бланку Luxoft Training
на бланку Luxoft Training
Цілі
- The theoretical basis of the vulnerability
- Exploiting the vulnerability
- Common development mistakes
- Testing and detection methods
- Prevention strategies
Цільова аудиторія
- Developers
- QA’s
- Architects
- Business-Analyst
передумови
- Web basics
- Basic skills in Web application development and testing
Дорожня карта
- Injections
- Cross-Site Scripting
- Broken Authentication and Session Management
- Insecure Direct Object References
- Cross-Site Request Forgery
- Security Misconfiguration
- Insecure Cryptographic Storage
- Failure to Restrict URL Access
- Insufficient Transport Layer Protection
- Unvalidated Redirects and Forwards