TRAINING CATEGORIES

(Click Category to List Courses)

42 - IT-S Information Technology - Security and Audit

IT-S 136 - Web Application Security

Code	Start Date	Duration	Venue
IT-S 136	12 August 2024	5 Days	Istanbul	Registration Form Link
IT-S 136	09 September 2024	5 Days	Istanbul	Registration Form Link
IT-S 136	07 October 2024	5 Days	Istanbul	Registration Form Link
IT-S 136	04 November 2024	5 Days	Istanbul	Registration Form Link
IT-S 136	02 December 2024	5 Days	Istanbul	Registration Form Link

Please contact us for fees

PERSONAL DETAILS
Salutation:*
Full Name:*
Company/Job Title:*
City:*
Country:*
Contact No:*
Fax:
E-Mail:*
Number of person:*
How many days:*
Location:*
Language:*
Inquiry:*

Course Description

During the course, the risks of web applications and the extent of sensitive data that can be exposed or compromised are demonstrated. From there, we offer real world solutions on how to mitigate these risks and effectively evaluate and communicate residual risks.

After attending the class, participants will be able to apply what they learned quickly and bring back techniques to not only better secure their applications, but also do so efficiently by adding security early in the software development life cycle, "shifting left" ecurity decisions and testing, thus saving time, money, and resources for the organization.

Course Overview

Learn about infrastructure security and configuration management
Understand authentication and authorization mechanisms
Avoid improper error handling
Discuss identification and authentication failures

Who Should Attend?

Web App Developers, Testers, and Designers
Networking and Security Professionals
Auditors
Anyone interested in techniques for securing Web applications

Course Details/Schedule

Day 1

Introduction to Application Security
Threat Modeling
Injection
SQL
XML
JSON
OS (Operating system)
Source Code

Day 2

Broken Authentication
Cross site scripting
Insecure deserialization
Using known vulnerable components
Insufficient logging and monitoring
Authentication
Session Management

Day 3

Sensitive Data Exposure
Storage
Caches
Deployment
Secure Secret Storage
Encrypted secrets/credentials

Day 4

XML External Entities (XXE)
Broken Access Control
Cross-Site Request Forgery
Path Traversal: '.../...//'
Relative Path Traversal
Missing Authorization
Incorrect Authorization
Exposure of WSDL File Containing Sensitive Information
Insecure Direct Object References
Absence of Access Control to Functions

Day 5

Security Misconfiguration
KB Properties
Transmission
Cross-Site Scripting (XSS)
Insecure Deserialization
Components with Known Vulnerabilities
Insufficient Logging & Monitoring

FIND A PROGRAM

Complete Schedule

Category City Month

Search in Course Titles

Search in Whole Outlines

Reset

User Login

SAHARA Group Training and Consultancy INC (in Turkish: SAHARA Group Eğitim ve Danışmanlık AŞ)

Tax Office: Beyoğlu (Istanbul/Turkiye,Tax No: 7390525151 (Vergi Dairesi: Beyoğlu (İstanbul), Vergi No: 7390525151)

SEND TO MY COLLEAGUE
Full Name: *
E-Mail:*
Message:*