Training: Web Application Security

Due to new technologies development, WWW applications are moving online, behind borders of company. Their significance rapidly increases and they often represents the core business (e.g. internet banks, e-shops, auction houses, etc.) Attackers, who are aware of application’s significance, try to gain sensitive data through application’s weak points or to make them unavailable. Our Training helps developers to beware of making variety of security bugs during web application development.

A purpose of this training is an introduction of the most frequent vulnerabilities of web applications, whose weak points are used by attackers, and acquainting participants with ways how to prevent such faults within the process of web application development.

Structure of Training

• Web application security specifications

• Client-site attacks and juggled users

  • Phishing, pharming, spoofing

  • Man in the middle and Man in the browser attacks (Trojans)

  • Immortal Cross site scripting (XSS)

• OWASP Top 10 vulnerabilities

• Sophisticated attack demonstration

• Summary

The Form of Training

All-day training is led by a senior consultant and an experienced hacker, who perform penetration tests daily.

The training proceeds in the form of a slide-show presentation and a workshop – participants can interact with the instructor and ask questions during the lesson, what makes training more dynamic and interesting for the audience.

The training contains number of live demonstrations of web application attacks.

There is a possibility of training modification: for example we can check your acquired knowledge by a test (immediately or with some dosing interval) or give you a discharge by issuing the certificate.