The access to this course is restricted to PenTest Premium or IT Pack Premium Subscription
After completing this course you will be able to:
- Comprehensively remediate common web application vulnerabilities.
- Apply defensive application design and coding practices to avoid security vulnerabilities.
- Customize, implement, and maintain a baseline security standard for the web applications development lifecycle (SANS SWAT checklist).permission.
- Design stronger security architecture.
- Understand cutting-edge web technologies and their security implications, avoiding security issues when utilizing these newer technologies.
- Move away from basic web application security principles of “validating more” and implement effective security controls against vulnerabilities that input validation simply does not fix.
- Leverage HTTP header-level protection to apply strong defense systems on the client side by building another layer of defense on top of secure coding on the server side.
What will you learn in this workshop
HTML5, AJAX, Node.JS, Websockets, RESTful service, Apache ModSecurity, PHP page, XSS, PHP website
Module 1 - Introduction. The Basics.
Module 3 - Security Misconfiguration and Sensitive Data Exposure
Module 4 - Missing Function Level Access Control and Cross Site Request Forgery (CSRF)
Module 5 - Using Components with Known Vulnerabilities and Unvalidated Redirects and Forwards
Your instructor: Vladimir Korennoy
Head of Development of Information Security Systems at PentestIT.
Currently develops brand new SIEM system DataSafety.
DataSafety will present a new level of automating and provide easy connections with all popular security tools.