Web Application Hacking and Defense
CERTIFIED WEB APPLICATION SECURITY SPECIALIST (CWASS)
This training focuses on providing you hands-on experience of real-world web attacks. You will learn the most common threats against web applications and updated advanced web application exploitation techniques. Throughout the training, you will be exposed to how web application vulnerabilities can be exploited and learn to conduct web application risk assessment and penetration testing. This web application security training will help you to master the key concepts in website security, the OWASP top 10 web vulnerabilities and beyond.
STRENGTHS OF THIS COURSE
Pre-training
Security Assessment With Analysis Report
No other training provider did this before, we are the FIRST! Prior the training, our security engineers will conduct a web application security assessment and provide a security analysis report on your web application.
Understand Your Web Application
You will get a clear understanding on the security and the hidden risks of your web application.
During the training
Hands-on Session
You will learn and improve your technical skills to test and secure a web application.
Solution-Driven
You will have the opportunity to focus and get professional consultation from trainer based on the challenges you face in the security analysis report on your web application.
Live Hacking and Penetration Testing Session
You will practice and sharpen your skills by applying it in the live web application hacking session.
Post-training
Skills Application
You will be able to understand and fix the vulnerabilities of your web application listed in the security analysis report.
Master Web Application Security
You will be able to master advanced techniques to secure and conduct security assessment and penetration testing on web application.
Course Outline
Module 1: Introduction to Web Application Penetration Testing
Module 2: Web Application Architecture and Development
Module 3: HTTP Basics
Module 4: Information Gathering
Module 5: Mastering Burp Suite
Module 6: Injection
Module 7: Broken Authentication
Module 8: Sensitive Data Exposure
Module 9: XML External Entities (XXE)
Module 10: Broken Access Control
Module 11: Security Misconfiguration
Module 12: Cross-Site Scripting (XSS)
Module 13: Insecure Deserialization
Module 14: Using Components with Known Vulnerabilities
Module 15: Insufficient Logging & Monitoring
Module 16: Recommended Tests
Module 17: Introduction to Secure Coding
Learning Outcome
• Enable you to understand and communicate the web application security risks associated with hacking and other exploits
• Discover real-world web application hacking techniques and countermeasures
• Sharpen up your technical skills and learn to fix the web application vulnerabilities
• Learn to perform a web application security risk assessment and penetration testing to evaluate web application security threats and possible exploits
• Enable you to develop and design a secure web application
• Enable you to tackle real-life scenarios and apply new skills to the job with ease
Exam Details
Number of Questions: 1 Web Application
Passing score: 70%
Test Duration: 85 mins Exam + 5 mins NDA
Test Format: Multiple Choice
Test Delivery: Condition Zebra Test Center
Exam Prefix: CZ200
Who Should Attend
• Web Application Developers or Architects
• Web Security Professionals
• Development Managers
• Penetration Testers
• Application Security Analysts
• Information Security Professionals
• And Anyone who is Responsible For Web Application Security, Data Protection or Tasked With Building Secure Web Applications
Duration
4 Days
Web Application Hacking and Defense
Brochure
Ready to get started?
Get in touch, or sign up now!