This Web Application Security Testing training course first gives an overview of the most important web-related security problems, attacks, recommended coding techniques and mitigation methods. After getting familiar with the vulnerabilities andthe attack methods, participants learn about the general approach and the methodology for security testing, and the techniques that can be applied to reveal specific vulnerabilities. They also learn to use various tools that can be applied in order to automate security evaluation of software products, which is also supported by a number of exercises, where we execute various tools to analyze the already discussed vulnerable codes. This training is a must-attend for testers of security-sensitive web applications.
What the attendee will learn:
- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn about XML security
- Learn client-side vulnerabilities and secure coding practices
- Understand security concepts of Web services
- Learn about JSON security
- Learn about denial of service attacks and protections
- Understand security testing approaches and methodologies
- Get practical knowledge in using security testing techniques and tools
- Get sources and further readings on secure coding practices