Web App Exploiting & Defending
This course will help students learn key concepts in web application security, the vulnerabilities that exist and how hackers exploit modern day applications for their own gain.
Students will be well versed in describing common attacks and will be able to express how these scenarios could affect their own business applications.
This course covers compliance requirements for PCI DSS 6.3.7 and 6.5.
- Express software defects, including the OWASP Top 10 vulnerabilities and how they relate to your business.
- Understand today's threats to connected applications and express the necessary concepts to defend your business against them.
- Hands on experience in our TrueLabs to see first-hand how hackers attack systems
- Cover topics in PCI DSS 6.3.7 and 6.5
- What is information security?
- Software security trends
- Authentication 101
- Factors of authentication
- Authentication weaknesses
2. Authorization and Access Control
- Authorization 101
- Horizontal & vertical privilege escalation
- Access controls common techniques
3. Session Management
- Session 101
- Hijacking sessions
- Session ID weaknesses
- Session management best practices
4. Data Validation
- Methods of validation
- Cross-site scripting
- SQL injection
- Data encoding issues
- Parameter manipulation
- Basics of cryptography
- Random numbers
- Hashing of data
- About SSL and weak encryption
6. Misc Topics in Security
- Leakage and error handling
- 3rd party code
- File references
Security Compass training courses are offered using a variety of delivery methods. Download the data sheet to learn more.
Security Compass offers this course as a public class. Contact us for a schedule of all our upcoming public training classes.