Classes marked with a are Guaranteed to Run on the scheduled dates. Classes marked with a will be Guaranteed to Run with one more paid registration.
There are ??othercoursecount?? similar courses in different countries and/or formats.Click here to see them.
This course is available in these other formats: ??otherformatlist??
Need a customized class for your group? Contact Us.
No classes scheduled? Sign Up to be notified when new classes are added.
Click here to see our FAQs
*Public Price per Student
Upon completion of the Secure Web Application Development Seminar (Language Neutral) course, students will be able to:
- Understand potential sources for untrusted data
- Understand the consequences for not properly handling untrusted data such as denial of service, cross-site scripting, and injections
- Be able to test web applications with various attack techniques to determine the existence of and effectiveness of layered defenses
- Prevent and defend the many potential vulnerabilities associated with untrusted data
- Understand the vulnerabilities of associated with authentication and authorization
- Be able to detect, attack, and implement defenses for authentication and authorization functionality and services
- Understand the dangers and mechanisms behind Cross-Site Scripting (XSS) and Injection attacks
- Be able to detect, attack, and implement defenses against XSS and Injection attacks
- Understand the concepts and terminology behind defensive, secure, coding
- Understand the use of Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets
- Perform both static code reviews and dynamic application testing to uncover vulnerabilities in web applications
- Design and develop strong, robust authentication and authorization implementations
- Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena
- Be able to detect, attack, and implement defenses for XML-based services and functionality
- Understand techniques and measures that can used to harden web and application servers as well as other components in your infrastructure
- Understand and implement the processes and measures associated with the Secure Software Development (SSD)
- Acquire the skills, tools, and best practices for design and code reviews as well as testing initiatives
- Understand the basics of security testing and planning
- Work through a comprehensive testing plan for recognized vulnerabilities and weaknesses
- Web Developers - This is an intermediate-level course designed for application project stakeholders who wish to get up and running on developing well defended web applications. Familiarity with a programming language (such as Java, .Net or C++) is required, and real world programming experience is highly recommended.
Take Before: Students should have an understanding and a working knowledge in basic programming in either .Net or Java. Depending on the language of choice, students should have experience similar to:
- TT4000 Understanding Internet Architectures
- TT2100 Mastering Java for OO Developers or a .Net Fundamentals courses
Take Instead (or After): We offer other courses that provide different levels of knowledge or focus:
- We offer this course for both Java (TT8120-J) and .Net (TT8120-N) flavors
- For team members that need a higher level view of security and related issues, please consider TT8020 Understanding Web Application Security
- If you are looking for hands-on labs, you might consider: TT8325 Securing Web Application Development Lifecycle (SDL) (for Java or .Net)
- If you need less of a web application orientation, you might consider: TT8200 Secure Coding (for Java or .Net)
This course is included in the following Roadmaps: