Introduction to Secure Web Coding...An introduction to the principles of secure coding for the web....

1
Introducon to Secure Web Coding Course details Duraon: 1 day Cost: $760 (ex gst) To register email: [email protected] About the course An introducon to the principles of secure coding for the web. This course focuses on the OWASP Top Ten vulnerabilies and how to protect against them. Learn with a mix of theorecal and hands-on content that will involve idenfying and exploing vulnerabilies. The course covers web applicaons (internet, intranet or extranet) wrien in all languages. Aendees will: Gain an understanding of the principles of secure coding for the web Be familiar with common security vulnerabilies and how to prevent them Know how to look for security vulnerabilies. Course Outline Security standards Secure coding principles OWASP Top 10 A1 Injecon A2 Broken Authencaon and Session Management A3 Cross-Site Scripng A4 Insecure Direct Object References A5 Security Misconfiguraon A6 Sensive Data Exposure A7 Missing Funcon Level Access Control A8 Cross-Site Request Forgery A9 Using Components with Known Vulnerabilies A10 Unvalidated Redirects and Forwards HTTP Security Headers Evil User Stories Target Audience Developers, Architects, Administrators and Technical Testers. Less technical but interested parcipants are welcome, although they will get the most out of the course if they can aend with a technical colleague to share the lab work. Prerequisites A good understanding of how a typical web applicaon works and knowledge of at least one web language.

Transcript of Introduction to Secure Web Coding...An introduction to the principles of secure coding for the web....

Page 1: Introduction to Secure Web Coding...An introduction to the principles of secure coding for the web. This course focuses on the OWASP Top Ten vulnerabilities and how to protect against

Introduction to Secure Web Coding

Course details

Duration: 1 day Cost: $760 (ex gst) To register email: [email protected]

About the course

An introduction to the principles of secure coding for the web. This course focuses on the OWASP Top Ten vulnerabilities and how to protect against them. Learn with a mix of theoretical and hands-on content that will involve identifying and exploiting vulnerabilities.

The course covers web applications (internet, intranet or extranet) written in all languages.

Attendees will:

• Gain an understanding of the principles of secure coding for the web

• Be familiar with common security vulnerabilities and how to prevent them

• Know how to look for security vulnerabilities.

Course Outline

• Security standards

• Secure coding principles

• OWASP Top 10

• A1 Injection

• A2 Broken Authentication and Session Management

• A3 Cross-Site Scripting

• A4 Insecure Direct Object References

• A5 Security Misconfiguration

• A6 Sensitive Data Exposure

• A7 Missing Function Level Access Control

• A8 Cross-Site Request Forgery

• A9 Using Components with Known Vulnerabilities

• A10 Unvalidated Redirects and Forwards

• HTTP Security Headers

• Evil User Stories

Target Audience

Developers, Architects, Administrators and Technical Testers.

Less technical but interested participants are welcome, although they will get the most out of the course if they can attend with a technical colleague to share the lab work.

Prerequisites

A good understanding of how a typical web application works and knowledge of at least one web language.

Secure Coding with Python - OWASP · •OWASP Python Security Project A new ambitious project that aims at making python more secure and viable for usage in sensitive environments.

Secure Coding with Python - OWASP · •OWASP Python Security Project A new ambitious project that aims at making python more secure and viable for usage in sensitive environments.

Developing Secure Applications with OWASP ·  · 2011-12-11Developing Secure Applications with OWASP Martin Knobloch ... Guide Application Security Desk Reference (ASDR) OWASP 8

Developing Secure Applications with OWASP ·  · 2011-12-11Developing Secure Applications with OWASP Martin Knobloch ... Guide Application Security Desk Reference (ASDR) OWASP 8

Project a Secure Web 2 - Security Summit del Web 2.0: Analisi... · Project a Secure Web 2.0 ... • OWASP Development Guide (doc): practical guidance with coding examples. ... Keeping

Project a Secure Web 2 - Security Summit del Web 2.0: Analisi... · Project a Secure Web 2.0 ... • OWASP Development Guide (doc): practical guidance with coding examples. ... Keeping

OWASP in favor of a more secure world

OWASP in favor of a more secure world

Secure Coding Practices - OWASPng_Practices_-_Quick_Reference_Guide 3 OWASP 4 Guide Overview Technology agnostic coding practices What to do, not how to do it Compact, but comprehensive

Secure Coding Practices - OWASPng_Practices_-_Quick_Reference_Guide 3 OWASP 4 Guide Overview Technology agnostic coding practices What to do, not how to do it Compact, but comprehensive

From Secure Coding to Secure Software

From Secure Coding to Secure Software

Securing Android Applications Dario Incalza - OWASP · 2020-01-17 · Securing Android Applications • Use secure best coding practices • Protect, obfuscate and encrypt your application

Securing Android Applications Dario Incalza - OWASP · 2020-01-17 · Securing Android Applications • Use secure best coding practices • Protect, obfuscate and encrypt your application

Secure Coding Embedded

Secure Coding Embedded

Secure Coding with Python - Belitsoft · •OWASP Python Security Project A new ambitious project that aims at making python more secure and viable for usage in sensitive environments.

Secure Coding with Python - Belitsoft · •OWASP Python Security Project A new ambitious project that aims at making python more secure and viable for usage in sensitive environments.

Secure coding and penetration testing with sdfdsasdfas Security.pdf · OWASP top 10 OWASP Testing Guide OWASP Development Guide. You! Now you know about us , its only fair we know

Secure coding and penetration testing with sdfdsasdfas Security.pdf · OWASP top 10 OWASP Testing Guide OWASP Development Guide. You! Now you know about us , its only fair we know

Go Secure Coding Practices•What is secure coding? •Advantage of secure coding → For Pentester → For Developer / Programmer •Are you familiar with Go? •Common Vulnerabilities

Go Secure Coding Practices•What is secure coding? •Advantage of secure coding → For Pentester → For Developer / Programmer •Are you familiar with Go? •Common Vulnerabilities

Secure Coding Frameworks - University Inn & Conference …conference.usu.edu/SYSTEM/Uploads/pdfs/14612_2147TimKertis.pdf · Security Project (OWASP) ... Secure Coding Frameworks.

Secure Coding Frameworks - University Inn & Conference …conference.usu.edu/SYSTEM/Uploads/pdfs/14612_2147TimKertis.pdf · Security Project (OWASP) ... Secure Coding Frameworks.

Lab Mannual For secure Coding & Secure Engineering

Lab Mannual For secure Coding & Secure Engineering

Secure Coding Ch01

Secure Coding Ch01

The OWASP Foundation OWASP AppSec Seattle Agile and Secure

The OWASP Foundation OWASP AppSec Seattle Agile and Secure

Secure Coding Frameworks - conference.usu.edu · Advocate for Secure Coding Frameworks (SCFs) Author of the JAVA Secure Coding Framework (JSCF) Inventor of Cybersecurity thru Lexical

Secure Coding Frameworks - conference.usu.edu · Advocate for Secure Coding Frameworks (SCFs) Author of the JAVA Secure Coding Framework (JSCF) Inventor of Cybersecurity thru Lexical

Secure coding checklist

Secure coding checklist

OWASP Day - OWASP Day - Lets secure!

OWASP Day - OWASP Day - Lets secure!

OWASP Education Project -Developing Secure Applications

OWASP Education Project -Developing Secure Applications

Secure Coding Proactive Controls - OWASP › › Secure_Coding_Proactive_Co… · Secure Coding Proactive Controls Prasad Salvi | AppSec Consultant | 1 OWASP Meet, Pune January 11,

Secure Coding Proactive Controls - OWASP › › Secure_Coding_Proactive_Co… · Secure Coding Proactive Controls Prasad Salvi | AppSec Consultant | 1 OWASP Meet, Pune January 11,