This class teaches developers how to protect against the most dangerous, costly, and prevalent threats to the security of websites, both internal and external. Students will not only learn to identify these threats but will also leave the class with practical and workable defenses for each one. You'll be given an e-commerce website to practice on. After learning about each attack type, you'll carry out the attack. Then you'll harden your website using what was learned in the lecture and watch the attack fail the second time. This hands-on approach will anchor your understanding of web application security. The lectures are packed with interesting stories from newspaper headlines and videos as practical examples of each of the attacks. You will learn how the hackers successfully carried out those attacks, including the tools used so that we know precisely how to defend our sites against these attacks and ones like them. We will focus on OWASP’s Top Ten Security Threats, seeing examples, learning hackers’ methods, and the best practices for protecting our sites against similar attacks.
There are no prerequisites for this course.
5 Days/lecture & Labs
This class is most appropriate for intermediate to advanced developers who want to enhance their knowledge of security threats and who want to know the practical steps on how to protect their web applications.