TRS13102

Ladda ner som PDF

Secure Web Development and Hacking for Developers

Learn how hackers attack your environment & to develop secure web applications.

A vulnerable application could result in major reputational and financial losses, and it is often the entry point that hackers use to compromise entire organizations. As a developer, it is critical to understand how web apps are attacked, and how we can defend our environment.

This hands-on training is developed and presented by Alexander Andersson and Fabio Viggiani, leading web application security experts. They will bring their experience from the field to prepare you with the right mindset to attack web applications; knowing the opponent’s strategies wins half the battle.

The training targets developers and it will cover everything from the initial recon phase to identification and exploitation of vulnerabilities. There will be secure coding, hacking, patching, exercises, demos and challenges.

The examples and exercises are based on different languages – primarily .NET, Java and Node.js – but the principles apply to all languages and platform.

Audience

Developers with focus on web applications

Prior knowledge

Web technologies, basic front-end technologies, basic networking and working experience in at least one back-end language.

Targets

  • Understand how hackers attack web applications and reach critical systems.
  • Learn fundamental principles of the most common security vulnerabilities (OWASP TOP 10 and more)
  • Learn different ways to prevent attacks.
  • Implement the most appropriate solutions to protect web applications.

Details

Day 1 will focus on introducing the mindset, strategies and tools used by attackers to compromise web applications and expand within organizations. A complete real-world hacking demo is conducted to address several different aspects that usually lead to the full compromise of an entire organization. Different types of injections are also addressed during the first day. This includes exercises, challenges and secure coding to prevent injections.

Day 2 focuses on aspects such as Cross Site Scripting, Cross Site Request Forgery, access control and other common issues, with many tasks and small challenges. Day 2 is a lot of fun!

Day 3 addresses authentication and session issues, as well as several security misconfigurations often encountered during our penetration tests. Demos and examples will be used to bring everything that the students have learned to a higher level, introducing a wider perspective, essential to understand how different parts of a large environment interact and depend on each other, security-wise.

Targets

  • Understand how hackers attack web applications and reach critical systems.
  • Learn fundamental principles of the most common security vulnerabilities (OWASP TOP 10 and more)
  • Learn different ways to prevent attacks.
  • Implement the most appropriate solutions to protect web applications.

Details

Day 1 will focus on introducing the mindset, strategies and tools used by attackers to compromise web applications and expand within organizations. A complete real-world hacking demo is conducted to address several different aspects that usually lead to the full compromise of an entire organization. Different types of injections are also addressed during the first day. This includes exercises, challenges and secure coding to prevent injections.

Day 2 focuses on aspects such as Cross Site Scripting, Cross Site Request Forgery, access control and other common issues, with many tasks and small challenges. Day 2 is a lot of fun!

Day 3 addresses authentication and session issues, as well as several security misconfigurations often encountered during our penetration tests. Demos and examples will be used to bring everything that the students have learned to a higher level, introducing a wider perspective, essential to understand how different parts of a large environment interact and depend on each other, security-wise.

Utbildningen levereras i samarbete med

Kursfakta

Kurs-ID: TRS13102
Längd: 3 dag
Pris exkl moms: 22 500 kr
Inregistrering: 09.00
Kursstart: 09.30
Kursslut (ca): 17.00

Frågor om kursen?

Har du frågor om kursens innehåll, leveransdatum/ort eller behöver en företagsanpassad variant? Fyll i formuläret nedan!


Avtalsrabatter och kampanjer kan ej nyttjas på denna kurs.


Ort och datum

Stockholm
30 mar-1 apr
Boka nu!

Tipsa