Web Security Essentials (DE/EN)
In this hands on course you will learn the basic on how to secure a web application. The course is language agnostic, so it doesn’t matter what technology you use.
Content
During the course we’ll cover:
-
Web Basics
- The HTTP
- Sessions
-
Session Management
- Fixiation Attacks
- Low Entropy Attacks
- CSRF
-
Common Vulnerabilities and OWASP Top 10
- Injections
- (No)SQL Injections
- XML Security
- Cross Site Scripting
- Direct Object Enumeration
- Miskonfiguration
- Logic Bugs
Prerequisites
A basic understanding of web technologies, such as HTML and JavaScript ist needed.
Info
- Course Duration: 1 day
- Laptop required?: No, a Thinkpad will be prepared
- Price: 600 Euros
- Certification: Fraunhofer Academy Certificate
Target Audience
The course is best suited for:
- Web Developers
- Backend Developers
- Software Architects
- Programmers
If you’re unsure whether it’s suited for you, contact us at course@itsec.rocks.
Booking
The next available training dates are:
- 20.08.2020
- or suggest an individual date
To book a training, please send an email to booking@itsec.rocks, stating your name and the number of participants.
Trainer
Ruben Gonzalez
My name is Ruben Gonzalez and I’m a security engineer from Bonn.
In my work life I have experienced facettes of security as admin, programmer, evaluator and security engineer. Most weekends I spend hacking at the redrocket.club, which I co-founded. I hold a masters degree in computer science and I am certified Linux professional (LPIC and Novell).
I am also a Ph.D. student with a research focus on cryptographic protocols, such as (D)TLS. During code audits I have found quite some interesting vulnerabilities that I love to talk about.
Apart from itsec.rocks I teach a course about hacking and web security at the university.