Web security fundamentals

Today’s internet is a very rough place, with robots, spies, states, hackers, and other evil entities constantly roaming around the web looking for vulnerable web applications to attack. Because of this, it is very important that every developer has the necessary skills to protect their applications.

In this hands-on course you will learn the fundamentals of how the web works, how to protect your applications and how attacks are performed. It goes beyond the OWASP TOP-10 and gives you many concrete examples of how to fail and how to protect your applications.

This course is constantly improved as new security vulnerabilities and best practices emerge.

Target audience

This course targets developers on all platforms including .NET, Java, and PHP.

Prerequisites

You should have basic web development experience including HTML, CSS and JavaScript.

Duration

2 days. This course can either be delivered over 2 full days or 4 half days.

Agenda

In this course we will cover concepts like:

  • Social Engineering
  • Securing HTTPS
  • Unicode
  • Cross Site Scripting (XSS)
  • Preventing XSS with Content Security Policy (CSP)
  • Cross site request forgery (CSRF)
  • Securing your cookies
  • Same site cookies
  • Cross-Origin Resource Sharing (CORS)
  • SQL Injections
  • Authentication
  • Application DoS attacks
  • Securing passwords
  • Preventing data leaks
  • Intercepting proxies
  • Supply-chain attacks
  • Subresource Integrity

And much more…

Web Security fundamentals

Article SKU
T175

Duration
2 days or 4 half days

Level
Master

Language
English, Swedish

Price
Contact me for a price enquiry or to submit interest.

Training FAQs

Do you provide both on-site and remote training classes?

Yes, we provide both types of training.

Do you provide training in both Swedish and English?

Yes, both options are available. All our course materials are in English and we can teach the class in either Swedish or English.

Do you do half-day training?

When we run on-site, we usually do full-day classes. For remote training, we can provide options for both half and full days.

Do you do webinars and shorter talks?

Yes, please visit our Talks page for more details.

Do you provide customized courses?

Yes we do that. Contact me for more information.