Workshop Overview
This course is introduction to the world of web application security testing. It is designed to walk testers through every step of web application penetration testing arming them with the knowledge and tools they will need to begin conducting their own security testing. The course will teach the participants how to think like a security engineer by creating and executing a security test plan. Participants will be exposed to the common web application vulnerabilities, testing techniques and tools by a professional security tester
Workshop Benefits
After the completion of the course, the participants would be able to:
- Identify why software security matters to their business
- Quickly Identify the riskiest areas of an application
- Perform a high-level security assessment on their application.
- Integrate security test cases and tools as part of their test suites
- Report findings in a comprehensive manner in order t o enable timely remediation
Workshop Content
- Introduction to Software Security
- Standard Application Attack Vectors
- Beyond the Application
- Introduction to the web
- Introduction to Web application Security :
- Introduction to Web app recon.
- Review of top web application vulnerabilities : (Hands on Exercise on webgoat)
- Common Weaknesses
- Data Leakage Attacks
- Incorrect Resource Transfer between Spheres
- Injection Attacks
Who Should Attend
- Quality assurance engineers
- Technical managers
- Software engineers
- Developers
- Customer Support engineers