TRAINING CATEGORIES

(Click Category to List Courses)

42 - IT-S Information Technology - Security and Audit

IT-S 140 - DOJO: Web Application Security Implementation

Code	Start Date	Duration	Venue
IT-S 140	22 April 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	06 May 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	03 June 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	29 July 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	26 August 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	23 September 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	21 October 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	18 November 2024	5 Days	Istanbul	Registration Form Link
IT-S 140	16 December 2024	5 Days	Istanbul	Registration Form Link

Please contact us for fees

PERSONAL DETAILS
Salutation:*
Full Name:*
Company/Job Title:*
City:*
Country:*
Contact No:*
Fax:
E-Mail:*
Number of person:*
How many days:*
Location:*
Language:*
Inquiry:*

Course Description

One of the main concerns for many companies and internet users around the world is security. This is getting harder to achieve everyday with attacks getting more and more sophisticated. One of the ways for everyday users and beginning professionals to protect their content is Web Security Dojo. Dojo is designed to provide practical, hands-on exercises on web security and intrusion techniques.

Course Objectives

Understand how HTTP comunication works
Gain knowledge of Web vulnearabilities
Learn common web security testing tools

Who Should Attend?

Network administrators
Database administrators
Ethical Hackers and Penetration Testers
IT managers
Anyone who deal directly or indirectly with IT

Course Details/Schedule

Day 1

Web fundamentals and security configurations
Introduction to HTTP protocol
Overview of web authentication technologies
Web application architecture
Recent attack trends
Web infrastructure security/Web application firewalls Managing configurations for web apps

Day 2

Defense against input related threats
Input-related vulnerabilities in web applications
SQL injection
Cross-site request forgery
Cross-site scripting vulnerability and defenses
Unicode handling strategy
File upload handling
Business logic and concurrency

Day 3

Web application authentication and authorization
Authentication vulnerabilities and defense
Multifactor authentication
Session vulnerabilities and testing
Authorization vulnerabilities and defense
SSL vulnerabilities and testing
Proper encryption use in web application

Day 4

Web services and front-end security
Honeytoken
Web services overview
Security in parsing of XML
XML security
AJAX technologies overview
AJAX attack trends and common attacks
REST security
Browser-based defense such as Content Security Policy

Day 5

Cutting-edge web security
Serialization security
Clickjacking
DNS rebinding
HTML5 security
Logging collection and analysis for web apps
Security testing
IPv6 impact on web security
Capture-and-defend-the-flag exercise
Mitigating server configuration errors
Discovering and mitigating coding problems
Testing business logic issues and fixing problems
Testing web services and mitigating security problems

FIND A PROGRAM

Complete Schedule

Category City Month

Search in Course Titles

Search in Whole Outlines

Reset

User Login

SAHARA Group Training and Consultancy INC (in Turkish: SAHARA Group Eğitim ve Danışmanlık AŞ)

Tax Office: Beyoğlu (Istanbul/Turkiye,Tax No: 7390525151 (Vergi Dairesi: Beyoğlu (İstanbul), Vergi No: 7390525151)

SEND TO MY COLLEAGUE
Full Name: *
E-Mail:*
Message:*