Introduction to Secure Web Coding (Wellington)

27 Nov 2017
Cost per person (ex gst): 
$760.00
Duration: 
1 day
Location: 
Wellington

About the course

An introduction to the principles of secure coding for the web. This course focuses on the OWASP Top Ten vulnerabilities and how to protect against them. Learn with a mix of theoretical and hands-on content that will involve identifying and exploiting vulnerabilities.

The course covers web applications (internet, intranet or extranet) written in all languages.

Attendees will:

  • Gain an understanding of the principles of secure coding for the web
  • Be familiar with common security vulnerabilities and how to prevent them
  • Know how to look for security vulnerabilities.

Course Outline

  • Security standards
  • Secure coding principles
  • HTTP Security Headers
  • Evil User Stories

OWASP Top 10

  • A 1    Injection
  • A 2    Broken Authentication and Session Management
  • A 3    Cross-Site Scripting
  • A 4    Insecure Direct Object References
  • A 5    Security Misconfiguration
  • A 6    Sensitive Data Exposure
  • A 7    Missing Function Level Access Control
  • A 8    Cross-Site Request Forgery
  • A 9    Using Components with Known Vulnerabilities
  • A 10  Unvalidated Redirects and Forwards

Target Audience

  • Developers, Architects, Administrators and Technical Testers.
  • Less technical but interested participants are welcome, although they will get the most out of the course if they can attend with a technical colleague to share the lab work.

Prerequisites

A good understanding of how a typical web application works and knowledge of at least one web language.

Download Introduction to Secure web coding course description (pdf)

Register now >