Objectives: The course is focused on a comprehensive coverage of web application security It covers the basics of application security, how to enforce security on a web application, Basics of Threat Modelling, Threat Profiling, OWASP Top Ten Testing, Black Box Testing, and Source Code Reviews.

Language: english

Course lessons: Course Overview and Objectives, Case Studies, Business Risks from Application Vulnerabilities, Introduction to web application vulnerabilities, OWASP Top Ten, Flash Attacks, IFrame Attacks, AJAX Vulnerabilities, Web 2.0, Web Services, Web Services Vulnerabilities, Threat Modeling – Objectives, Threat Modeling – Meaning and terminology, Hacker’s Interest Area, Threat Profiling, Threat Modeling – Practical Considerations, Threat Modeling – Case Study, Functional testing, Security testing, Difference between functional & security testing, Secure Coding Techniques, Secure Coding Techniques - Best Practices, Secure J2EE Programming, Secure .NET Programming, Secure PHP Programming, Significant OWASP Projects, OWASP Code Review Guide, OWASP Development Guide, OWASP Testing Guide, OWASP List of Vulnerabilities, Continuous security testing and assessments, Risk based approach, Risks from Outsourcing, Conducting VAPT, Source code audits, Infrastructure reviews, Test