• Homepage
  • >
  • Certified Secure Web Application Engineer C)SWAE (owasp)

Certified Secure Web Application Engineer C)SWAE (owasp)

Certified Secure Web Application Engineer C)SWAE (owasp)
0,0 rating based on 12.345 ratings
Overall rating: 0 out of 5 based on 0 reviews.

Organizations and governmentsfall victim to internet based attacksevery day. In many cases, web attacks could bethwarted but hackers, organized criminal gangs, and foreign agents are able to exploit weaknesses in web applications. The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. The secure web application developer knows how to develop web applicationsthat aren’tsubject to common vulnerabilities, and how to test and validate that theirapplicationsare secure, reliable and resistant to attack. Thevendor neutralCertifiedSecure Web Application Engineercertificationprovides the developerwith a thorough and broad understanding of secure application concepts, principles and standards. The studentwill be able to design, develop and test web applications that will provide reliable web servicesthat meet functional business requirements and satisfy compliance and assurance needs.The CertifiedSecure Web Application Engineercourse is delivered by high level OWASP experts and students can expectto obtain real world security knowledge that enables them to recognize vulnerabilities, exploit system weaknesses and help safeguard against application threats.

Wat leer je?

Upon completion, Certified Secure Web Application Engineer students will be able

to establish industry acceptable auditing standards with current best practices and policies. 

Students will also be prepared to competently take the C)SWAE exam.

Welke voorkennis heb je nodig?

  • A minimum of 24
  • months’experience in softwaretechnologies& security
  • Soundknowledge of networking
  • At least one coding Language
  • Linux understanding
  • Open shell

Trainingsvorm

3,200.00

(excl. BTW)

Trainingsduur

5 dagen

Startdatum

04 januari 2021

Kom je er niet uit?

Neem dan contact op met onze klanten service voor studieadvies of een training op maat.

 

Trainingsdata

Startdatum

Trainingsvorm

Locatie

Duur

Prijs

datum:
04 januari 2021

5 dagen

2,995.00

datum:
04 januari 2021

5 dagen

3,200.00

datum:
22 maart 2021

5 dagen

2,995.00

datum:
22 maart 2021

5 dagen

3,200.00

datum:
31 mei 2021

5 dagen

2,995.00

datum:
31 mei 2021

5 dagen

3,200.00

datum:
09 augustus 2021

5 dagen

2,995.00

datum:
09 augustus 2021

5 dagen

3,200.00

datum:

In company

Waarom Startel?

Persoonlijke
aanpak
Ervaren
trainers
Aanbod
op maat
Klassikaal en e-learning
mogelijkheden

Het programma

Module1: Web Application Security


  • Web Application Security
  • Web Application Technologies and Architecture
  • Secure Design Architecture
  • Application Flaws and Defense Mechanisms
  • Defense In-Depth
  • Secure Coding Principles


Module 2: OWASP TOP 10


  • The Open Web Application Security Project (OWASP)
  • OWASP TOP 10 for 2017 & 2018


Module3: Threat Modeling & Risk Management


  • Threat Modeling Tools & Resources
  • Identify Threats
  • Identify Countermeasures
  • Choosing a Methodology
  • Post Threat Modeling
  • Analyzing and Managing Risk
  • Incremental Threat Modeling
  • Identify Security Requirements
  • Understand the System
  • Root Cause Analysis


Module 4: Application Mapping


  • Application Mapping
  • Web Spiders
  • Web Vulnerability Assessment
  • Discovering other content
  • Application Analysis
  • Application Security Toolbox
  • Setting up a Testing Environment


Module5: Authentication and Authorization attacks


  • Authentication
  • Different Types of Authentication (HTTP, Form)
  • Client Side Attacks
  • Authentication Attacks
  • Authorization
  • Modeling Authorization
  • Least Privilege
  • Access Control
  • Authorization Attacks
  • Access Control Attacks
  • User Management
  • Password Storage
  • User Names
  • Account Lockout
  • Passwords
  • Password Reset
  • Client-Side Security
  • Anti-Tampering Measures
  • Code Obfuscation
  • Anti-Debugging


 


Module6: Session Management attacks


  • Session Management Attacks
  • Session Hijacking
  • Session Fixation
  • Environment Configuration Attacks
  • Module7: Application Logic attacks
  • Application Logic Attacks
  • Information Disclosure Exploits
  • Data Transmission Attacks


Module8: Data Validation


  • Input and Output Validation
  • Trust Boundaries
  • Common Data Validation Attacks
  • Data Validation Design
  • Validating Non-Textual Data
  • Validation Strategies & Tactics
  • Errors & Exception Handling

    • Structured Exception Handling
    • Designing for Failure
    • Designing Error Messages
    • Failing Securely


Module 9: AJAX attacks


  • AJAX Attacks
  • Web Services Attacks
  • Application Server Attacks


Module10: Code Review and Security Testing


  • Insecure Code Discovery and Mitigation
  • Testing Methodology
  • Client Side Testing
  • Session Management Testing
  • Developing Security Testing Scripts
  • Pentesting a Web Application


Module 11: Web Application Penetration Testing


  • Insecure Code Discovery and Mitigation
  • Benefits of a Penetration Test
  • Current Problems in WAPT
  • Learning Attack Methods
  • Methods of Obtaining Information
  • Passive vs. Active Reconnaissance
  • Footprinting Defined
  • Introduction to Port Scanning
  • OS Fingerprinting
  • Web Application Penetration Methodologies
  • The Anatomy of a WebApplication Attack
  • Fuzzers


Module12: Secure SDLC


  • Secure-Software Development Lifecycle (SDLC)
  • Methodology
  • Web Hacking Methodology


Module 13: Cryptography


  • Overview of Cryptography
  • Key Management
  • Cryptography Application
  • True Random Generators (TRNG)
  • Symmetric/Asymmetric Cryptography
  • Digital Signatures and Certificates
  • Hashing Algorithms
  • XML Encryption and Digital Signatures Authorization Attacks


NOTE:Student will use Kali Linux

Hoe maken we het persoonlijk?

Bij Startel is persoonlijk ook écht persoonlijk. Om de best passende trainingen te geven starten we met het belangrijkste ingrediënt: jou.

  1. We starten altijd met een intake om jou te leren kennen.
  2. We passen de Training aan de hand van jouw ambitie en doelen aan.
  3. We kijken ook naar jouw persoonlijke situatie om de lesstof zo praktisch mogelijk te maken.

Wat zeggen anderen?

Certified Secure Web Application Engineer C)SWAE (owasp)
0,0 rating based on 12.345 ratings
Overall rating: 0 out of 5 based on 0 reviews.

Laat een review achter

Name
Rating
Review Content
.

Contact formulier

categorie:
  • Security

Op de hoogte blijven van de nieuwste trainingen?

Schrijf je in voor onze nieuwsbrief!