SECR-010 Major Vulnerabilities in Web Application Security
SECR-010 Major Vulnerabilities in Web Application Security
Duration
24 hours
Location
Online
Language
English
Code
SECR-010
30.11.2023 - 15.12.2023
€ 600 *
Training for 7-8 or more people? Customize trainings for your specific needs
Description
This course is built as a detailed description with hands-on experience of today’s most common vulnerabilities: from OWASP Top-10 2021. Trainees will learn methods of static (including SAST) and dynamic (including DAST) identification and the reliable elimination of such vulnerabilities.
After completing the course, a certificate
is issued on the Luxoft Training form
is issued on the Luxoft Training form
Prerequisites
Participants must be able to work with web browsers, read and write code for modern web applications, and understand the main principles of their operation: HTTP, Cookies, Proxies, etc.
Roadmap
- What is Application Security, why and how to use it (0,5 h)
- Overview of OWASP TOP 10 (0,5 h)
- A01 – Broken Access Control (1 h) + Practical tasks (2 h)
- A02 – Cryptographic Failures (1 h) + Practical tasks (1 h)
- A03 – Injection (2 h) + Practical tasks (1 h)
- A04 – Insecure Design (0.5 h) + Practical tasks (1 h)
- A05 – Security Misconfiguration (1 h) + Practical tasks (1 h)
- A06 – Vulnerable and Outdated Components (0,5 h) + Practical tasks (1 h)
- A07 – Identification and Authentication Failures (2 h) + Practical tasks (2 h)
- A08 – Software and Data Integrity Failures + Insecure Deserialization (1 h) + Practical tasks (1 h)
- A09 – Security Logging and Monitoring Failures (0,5 h) + Practical tasks (0,5 h)
- A10 – Server-Side Request Forgery (0,5 h) + Practical tasks (0,5 h)
- A8:2013- Cross-Site Request Forgery (CSRF) (1 h) + Practical tasks (1 h)
Schedule and prices
View:
30.11.2023 -
15.12.2023
10:00-12:00
Location:Online
Duration:24 hours
Language:English
Time:10:00-12:00
Timezone:UTC +2
Trainer:
Voloshyn Dmytro
Trainer
Voloshyn Dmytro
€ 600
Trainers
