Securing Web Applications Overview

PT27374
Training Summary
The Secure Web Application Development Overview is geared for web developers and technical stakeholders who need to produce secure web applications, integrating security measures into the development process from requirements to deployment and maintenance. This overview-level course explores core concepts and challenges in web application security, showcasing current, real-world examples that illustrate the potential consequences of not following these best practices. The final portion of this course builds on the previously learned mechanics for building defenses by exploring how design and analysis can be used to build stronger applications from the beginning of the software lifecycle.
Prerequisites
Students should have experience deploying and/or supporting web applications. Prior programming experience is highly recommended.
Duration
2 Days/Lecture & Lab
Audience
This course is geared for web developers and technical stakeholders who need to produce secure web applications, integrating security measures into the development process from requirements to deployment and maintenance.
Course Topics
  • Bug Hunting Foundation – Why Hunt Bugs?
  • Safe and Appropriate Bug Hunting/Hacking
  • Moving Forward from Hunting Bugs, Removing Bugs
  • Foundation for Securing Web Applications – Principles of Information Security
  • Bug Stomping 11 – Unvalidated Data
  • Broken Access Control
  • Cryptographic Failures
  • Injection Flaws
  • Insecure Design
  • Bug Stomping 102 – Vulnerable and Outdated Components
  • Identification and Authentication Failures
  • Software and Data Integrity Failures
  • Security Logging and Monitoring Failures
  • Server-Side Request Forgery (SSRF)
  • Moving Forward – Applications – What Next?
  • SDL Overview
  • SDL in Action