Introduction to Secure Web Coding (Sydney)

20 Jun 2017
Cost per person (ex gst): 
$760.00
Duration: 
1 day
Location: 
Sydney

About the course

This one-day course provides an introduction to the principles of secure coding for the web with a focus on the OWASP Top Ten vulnerabilities and how to protect against them. This course is a mix of theoretical and hands-on content that will involve identifying and exploiting vulnerabilities.
The course is designed to cover web applications (internet, intranet or extranet) in a language agnostic manner.

At the end of the course, attendees should have:

  • Gained an understanding of the principles of secure coding for the web
  • An appreciation for common security vulnerabilities and how to prevent them
  • Knowledge of how to look for security vulnerabilities

 

Course Outline

 

  • Security standards
  • Secure coding principles

OWASP Top 10

  • A1    Injection
  • A2    Broken Authentication and Session Management
  • A3    Cross-Site Scripting
  • A4    Insecure Direct Object References
  • A5    Security Misconfiguration
  • A6    Sensitive Data Exposure
  • A7    Missing Function Level Access Control
  • A8    Cross-Site Request Forgery
  • A9    Using Components with Known Vulnerabilities
  • A10  Unvalidated Redirects and Forwards

Target Audience

Developers, Architects, Administrators & Technical Testers.

Less technical but interested participants are welcome, although they will get the most out of the course if they can attend with a technical colleague to share the lab work.

Prerequisites

A good understanding of how a typical web application works and knowledge of at least one web language.

 

Download Introduction to Secure web coding course description (pdf)