Course Code
owasptop10
Duration
7 hours (usually 1 day including breaks)
Requirements
- A general understanding of web development lifecycle
- Experience in web application development and security
Audience
- Web developers
- Leaders
Overview
The OWASP Top 10 is a community-led, open-source document developed by the Open Web Application Security Project (OWASP) Foundation that identifies the most common web application threats and vulnerabilities. OWASP Top 10 provides a comprehensive guide on web application security, risks, impacts, and countermeasures.
This instructor-led, live training (online or onsite) is aimed at web developers and leaders who wish to explore and implement the OWASP Top 10 reference standard to secure their web applications.
By the end of this training, participants will be able to strategize, implement, secure, and monitor their web applications and services using the OWASP Top 10 document.
Format of the Course
- Interactive lecture and discussion.
- Lots of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
Course Outline
Introduction
Overview of OWASP Top Ten
Recognizing Injection Flaws in SQL, NoSQL, OS, and LDAP
Avoiding Broken Authentication and Session Management
Protecting Sensitive Data from Exposure
Securing XML External Entities (XXE)
Enforcing Proper Access Control
Preventing Security Misconfiguration
Avoiding Cross-Site Scripting (XSS) Attacks
Avoiding Insecure Deserialization Attacks
Using Components with Known Vulnerabilities
Performing Sufficient Logging and Monitoring
Summary and Conclusion












