InfoSec Institute
| About UsSecurity Training CoursesCurrent Promotions | Why Choose InfoSec? | Contact Us |  
Small Class Size
Hands On Security Training
Cutting-Edge Course Content
Satisfaction Guarantee
World Renown Instructors
Boot Camp Style Training
Luxury Accommodations

Hands-On Security Training:

 
Ethical Hacking
Hacker Training Online
Advanced Ethical Hacking
Penetration Testing - 10 Day
Intrusion Prevention
Computer Forensics Training
Computer Forensics Online
Advanced Computer Forensics
Data Recovery Training
Security Architecture Design
Application Security
SCADA Security
Reverse Engineering Training
Information Security Training
Linux Security Training
Windows Security Training
VOIP Security Course
Wireless Security Training
On-Site Training

Certification Preparation Training:

 
CEH Boot Camp
CISSP Boot Camp
CISA Boot Camp
CISM Boot Camp
ECSA/LPT Boot Camp
Security+ Boot Camp
On-Site Training

Online Professional Development:

 
Hacker Training Online
Advanced Hacking Online
Penetration Testing Online
Intrusion Prevention Online
Reverse Engineering Online
Computer Forensics Online
SCADA Security Online
Data Recovery Online
Security Architecture Online
Application Security Online
CISSP Boot Camp Online
CISM Boot Camp Online
CISA Boot Camp Online


Small Class Size
Bring a Friend Discount
Hands-On Instruction
World Renown Instructors


  Ask a Technical Student Coordinator A Question

Name: Business Phone No: Email:  Ask a Student Coordinator a Question: 
 
Find Out Pricing
Course Catalog
Get A Detailed Syllabus
Ask a Question

InfoSec Institute: Information Security Training

Application Security Training: Web Application Hacking

The latest frontier in information security is undoubtedly application security. The average sized organization has hundreds of in-house and externally developed applications. With business processes increasingly moving towards the web services and the software-as-a-service model catching on, many organizations today are exposing data and critical business services to untested or insecure applications.

These applications with inadequate or non-existent security are a veritable treasure trove for malicious hackers. Most hackers have realized that enterprise-class organizations have firewalls in place and have a working patching policy for externally available hosts. Increasingly, the first route in to a critical database containing customer information, credit card data, proprietary data or classified information is through a vulnerable application.

InfoSec Institute’s Application Security: Web Application Hacking will position you as an able and ready Application Security Professional. You will gain skills on how to assess applications from a hacker’s point of view, understand application security vulnerabilities and learn how to close these security holes so they are never exploited by a hacker.

Application Security: Web Application Hacking is a unique offering in the security industry. While some security courses may brush over application security, or cover the security of small-scale “demo” applications, InfoSec Institute concentrates on the latest application security attacks against modern, enterprise, applications.

This hands-on course teaches you:

  • The fundamentals of modern Application Security on both .Net and Java platforms
  • Application security threats and assessment/attack techniques
  • The latest threats to Web Services and AJAX-enabled applications

InfoSec Institute has only the highest quality instructors, with deep background in Application Security. Our instructors are actively involved in the Application Security community. They have authored several books on the subject, spoken at various industry conferences, and are considered subject matter experts.

Application Security: Web Application Hacking is a totally hands on course. While a student in this class, you will be engaged in a thought-provoking lecture on the topic at hand, and then directly implement the relevant hands-on lab exercise in our Application Security Lab. Some of the lectures included in the course:

Some of the topics you will learn to master during the Application Security Training:

  • Secure Programming Throughout the Application Development Lifecycle
  • Confronting Flawed Input Data
  • Implementation Best Practices
  • Source code analysis scanning software
  • Code Origin Access Control Methods
  • Network Transmission Security with the JSSE API/SSL
  • WS Security, XKMS, and WS-I Basic security profile
  • SecureXML Libraries
  • Privilege Escalation Opportunities
  • Race Conditions
  • Cross Site Scripting Injection
  • .Net Secure Remoting
  • Windows Forms Security
  • SQL Server: Exploitation and Defense
  • Fault Injection and Fuzzing
  • Java security managers, policy files, and JAAS
  • ASP.NET Security
  • XOR, Base64 and Garbage Data Obfuscation
  • Securely Maintaining Session State – Best Practices
  • Session fixation
  • Vulnerabilties in AJAX-enabled applications
  • Advanced SQL Injection
  • Oracle PL/SQL Injection
  • .Net Security tokens, XML signature, XML canonicalization, and XML encryption
  • .Net WS-Trust and WS-SecureConversation
  • Error Control Verbosity Abuse

 

How You Benefit:

  • Gain the in-demand career skills of an Application Security Professional. Learn application security fundamentals, hands on application assessment techniques and methodologies used by the top application security professionals.
  • In this application security training course, learn the how and when it is appropriate to use tools to automate vulnerability discovery and when manual investigation is required.
  • Develop a custom process for code assessments across many languages and platforms.
    More than interesting theories and lecture, get your hands dirty in our dedicated hacking lab in this network security training course.

What's Included:

  • 5 Days of Application Security training from a senior instructor with real-world application assessment and remediation experience.
  • Guaranteed small class size (less than 10-16 Students), you get an intimate learning setting not offered at any of our competitors.
  • InfoSec's Custom Application Security Enterprise Suite, includes every program covered in the course for at home study.
  • All meals, snacks and refreshments included.
  • Certified Application Security Specialist (CASS) exam fees.
  • Lecture, Lab Exercise and Text book

Required Prerequisites:

  • Firm understanding of the Windows Operating System
  • Programming skills in any standard language (Perl, C++/C#, Java, etc.)
  • Exposure to web application development
  • Desire to learn about application security and web application hacking!
  • Ethical intentions

If you are unsure if you meet the required prerequisites, contact us for a quick skill check.

Current Course List:

Dates Location Register Online
Any Date! Any Location! SCADA Security Online - More Details Here
2/11-2/15 Chicago, IL Register Online Now or Reserve a Seat
4/14-4/18 Las Vegas, NV Register Online Now or Reserve a Seat
5/12-5/16 ChicagoCon Event Register Online Now or Reserve a Seat
7/7-7/11 Washington, DC Register Online Now or Reserve a Seat
9/29-10/3 Las Vegas, NV Register Online Now or Reserve a Seat
Any Date Your Office!
Get Information for On-Site Training

Current Pricing (Call 866-471-0059 for up-to-date deals):

*Available Back-To-Back with Ethical Hacking, call for information on discount program

  Ask a Technical Student Coordinator A Question

Name: Business Phone No: Email:  Ask a Student Coordinator a Question: