Web Application Secure Coding
To deeply understand the most common Web Application security issues and
how to prevent them, attendees will exploit an intentionally vulnerable Web Application,
review the vulnerable source code, draft the fixes required to mitigate the existing
vulnerabilities, and discuss existing solutions to address the most common security risks.
Training sessions are delivered by a security practitioner and OWASP project co-leader.
Target Audience
Front-end and back-end developers, DevSecOps, and Pentesters.
Training Program
Part 1
- Introduction to the Open Web Application Security Project (OWASP) and the OWASP Top 10 project
- The HTTP protocol and how Web Applications work on top of it
Part 2
For each of the ten most common Web Application security risks (according to the OWASP Top 10):
- Exploit the vulnerability
- Perform secure code review
- Draft the required fix
- Discuss existing solutions to detect and mitigate the risk
What You’ll Learn
- Relevant OWASP projects and how to use them to write secure code
- HTTP protocol fundamentals and how Web Applications work on top of it
- In-depth knowledge of the ten most common Web Application security risks
- How threat agents exploit Web Application vulnerabilities: tools and techniques
- How to perform secure code review
- How to avoid the most common Web Application security vulnerabilities
What are you waiting for? Get in touch to schedule your training session.
Location
In person / Online
Duration
8 Hours
Group Size
Individual / Up to 10 persons
Value
On request
Instructor
Paulo Silva
Paulo holds a bachelor's degree in Computer Sciences and has 15+ years of experience developing software. For the last 8+ years, he has focused on security research, ethical hacking, and penetration testing. He is a long-term OWASP volunteer and project leader, and one of those responsible for the OWASP API Security Top 10. He has authored or co-authored several secure coding practices manuals, such as the OWASP Go Secure Coding Practices and the Kotlin Secure Coding Practices guide.