What You'll LEARN
Created for developers with experience in any programming language, this course focuses on the most common security defects found in Web applications. To do this, it describes in detail each item included in the 2013 OWASP Top 10 list, with both an attention-grabbing lecture and a hands-on lab exercise that students complete. This hands-on approach keeps developers engaged and ensures knowledge transfer of critical secure coding techniques.
- Allows developers with experience in diverse languages to learn a common body of knowledge, since many of the most common issues are not language-specific
- Structures testing guidance so that it can be applied by developers or testers
- Provides remediation guidance to help eradicate specific issues
- Demonstrates how the issues are exploited by attackers
After successfully completing this course, you will:
- Understand the role of security in the software development lifecycle and how best to create secure applications
- Recognize the details of and the causes behind secure coding errors and mistakes
- Understand how these software security defects are exploited
- Understand discovery methods for these issues
- Understand the practices that help prevent the most common mistakes and lead to more secure software
This course applies to a broad audience. It is designed for professionals whose primary job function includes creating Web applications. This course is also strongly recommended for those involved with architecture and design (product and security architects and designers). Finally, QA security advocates and QA leads will find interest in the course because it improves their capability to incorporate security goals into testing.
Other Related Tools & Resources For Our Students
Be sure to check out our R&D site. We post tutorials, labs, white papers and articles to help you in your continued forensics training. There are frequently forensics videos available. If you haven't taken a course with us yet, check out some of the types of things you'll be doing and learning about in class.
Downloading Xplico: In this article we’ll present Xplico, which is a network forensics tool installed in major digital forensics Linux distributions like Kali, Backtrack, Security Onion, DEFT, etc. In this tutorial, we’ll take a look at the DEFT Linux distribution, which we can download from here: we need to download [...]
The post Xplico appeared first on InfoSec Institute.
- Hunting Session Fixation Bugs
Improper handling of session variables in ASP.NET websites is considered a serious threat and opens various doors to malicious hackers. For instance, a session variable could be manipulated in a way to subvert login authentication mechanisms. However, this article illustrates a session fixation bug in a .NET website by demonstrating [...]
The post Hunting Session Fixation Bugs appeared first on InfoSec Institute.