Training: Critical Web Application Security

Understand the risks, pitfalls, and proven defenses.

Security vulnerabilities in business web applications continue to be a significant source of risk for businesses. While there are a number of technologies that can be employed to help defend and monitor vulnerable applications, to fix and manage these kinds of vulnerabilities, we must have a practical and working understanding of application layer risks and proven best practices.
Security PS has developed application security training courses aimed to equip software development teams and security staff with a working understanding of the risks and security best practices that address the top security flaws and vulnerabilities found in applications today.
Our “Critical Web Application Security” course presents the most compact, in-depth discussion of security concepts that must be addressed by companies who need to design, develop, deploy, and manage secure web applications. Offered in a one-day bootcamp style event, the concepts and information presented in this session aim to raise the level of security awareness for architects, developers, technical managers, and security practitioners who need to understand web application risks at a technical level.
This course will help your team:
  • Identify and understand areas of risk in web applications
  • Apply security best practices to the design and development process
  • Reduce vulnerabilities and extra development cycles for security fixes
  • Improve overall security in the software development life cycle
Development teams will increase their understanding of modern attacks and risks and learn the security concepts and best practices that must be applied to application design, programming, and the development/deployment life-cycle. Likewise, security professionals will gain valuable insight into application layer security. Learn how to reduce risk and costs by applying security to web application development and deployment.

Topics Covered:

This courseware is structured to systematically work through critical security practices by first demonstrating current attacks, vulnerabilities, and weaknesses with live examples associated with each security practice area. After exploring the risks together, the instructor walks through the proven practices used by experienced professionals to mitigate the risks and build defenses into applications. The attacks and security best practices covered in this course include the following application security areas:
  • Information Disclosure Risks and Defenses
  • Session Management Risks and Defenses
  • Authentication Risks & Defenses
  • Authorization Risks & Defenses
  • Data Validation & Encoding
  • Cryptography In Web Apps
  • Auditing and Logging
  • Application Architecture Security and Trust Boundaries
Within these sections, a wide array of the most prevalent attacks and weaknesses are demonstrated on live applications, including Cross Site Request Forgery, SQL Injection, Parameter Manipulation/Injection, Insecure Direct Object References, Session Hijacking / Session Fixation, Redirect and Forward Attacks, Bypassing Access Controls, Credential Attacks and Bypassing Authentication, Cross Site Scripting, all the OWASP Top 10 and more.

Training Your Way

See below for currently scheduled training events available for you and your team to attend. Or, if you would like your team to have the opportunity to learn and interact about application security topics that affect your organization, contact us about bringing our training on-site to work directly with your team.