NEW Secure Web Applications—SWA 3 days

encription
IT Security and Forensic Services
NEW Secure Web Applications—SWA
3 days
Web applications remain one of the most profitable
areas a malicious attacker may target. In this course
an experienced penetration tester will teach you
what we find, how we find it and how to protect
against these attacks. This will involve looking at a
specific piece of code, identifying a security flaw, and
implementing a fix for flaws found on the Top 10 and
CWE/SANS Top 25 Most Dangerous Programming
Errors.
Not only are we reviewing the code behind these
common errors, we will also instruct attendees in the
field of penetration testing so they may identify flaws
in web applications.
Who is the course designed for?
For bookings or enquiries call
0330 100 2345 or email
[email protected]
Duration: 3 Days
Cost: £1795.00 plus VAT
Included in the course:






Examination fee and Encription Verified
Certificate of Attainment
All course material
A daily hot lunch & refreshments
2 nights 4* Bed & Breakfast accommodation
Free access to on-site gym, pool, sauna, etc
Free Wi-Fi and car parking
+
Developers who want to build more secure web
applications
Course Objectives
+
+
Software engineers
Delegates will have an understanding of:
Software architects
Whilst the course is focused on software development, the
technical content is accessible enough for anyone who is
comfortable working with code and wishes to understand
web application security from a development perspective.






Common Web Application Vulnerabilities
Development Management
Data Validation
Authentication
Session Management
Offensive Security
Qualification
Successful candidates will receive an Encription Verified ‘Secure Web Applications’
Certificate of Attainment
Encription Limited
Encription House
Foley Drive
Foley Business Park
Kidderminster
DY11 7PG
0330 100 2345 | www.encription.co.uk
Encription
IT Security and Forensic Services
Pre-requisites:
Topics covered:

Common Web Application Vulnerabilities
Cross-site scripting (XSS)
Cross-site request forgery (CSRF)
SQL injection
HTTP response splitting
Parameter manipulation
Development management
SSDLC
Reaching milestones
Data Validation
Input validation
Whitelisting vs. blacklisting
Output encoding and escaping
Using frameworks and APIs
Students should have at least one years experience working with a web programming
language and be familiar with SQL
Assessment:

1 hour— Multiple Choice paper

1 hour— Practical Assessment
Where is the Course and Exam held?
Authentication
How to use encryption
Protecting session ids
Basic and Forms Based Authentication
Encription’s offices, Kidderminster,
Worcestershire, DY11 7PG
Session Management
Session hijacking
Session fixation
Course Dates
9th—11th September 2013
Offensive Security
Penetration testing methodology
Understanding risk, threat and vulnerability
Common security models
Tool based testing
Manual identification of vulnerability
For all other courses and dates:
http://www.encription.co.uk/training/
Encription house, Foley Drive, Foley Business Park, Kidderminster, DY11 7PG
0330 100 2345
www.encription.co.uk