Awareness and Secure Development of Web Applications

Trainers: Stefan Middendorf, Joshua Tiago

In order to make developers aware of vulnerabilities in web applications and to show important countermeasures, we offer our customers a special training on this topic. It includes elements of our “Hacking Extreme Web Applications” training and an additional workshop on secure development. 

It is typically a three-day training. During the first two days, we deal with selected topics from our “Hacking Extreme Web Applications” training to show how attackers think and what techniques they use. 

On day three, based on the Application Security Verification Standard (ASVS) of the Open Web Application Security Project (OWASP), we introduce the most important measures to be taken into account during the design and development of applications to prevent the vulnerabilities we talked about.

Topics of this training include:

• application architecture
• authentication and authorization
• session management
• access control
• input validation and output encoding
• use of cryptography
• error handling
• use of resources 
• use of web services

Moreover, in this context we can also address your individual questions concerning the secure development on the platforms used in your company and discuss your source-code examples. Essential measures for the hardening of web and application servers can be discussed on request.  

Please contact us. We would be happy to make you an offer tailored to your needs and to the topics you are interested in.   

Target group
Developers, architects and security experts

Duration
By arrangement, typically 2-3 days  

Price
By arrangement

This training will be held in German.