Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Secure Web Application Engineer
Description
Certified Secure Web Application Engineer C)SWAE Training Introduction
The Certified Secure Web Application Engineer (C)SWAE) training program is meticulously designed for seasoned web application developers aiming to amplify their expertise in cybersecurity.
By participating in this course, you’ll dive into the intricacies of secure design, understand the critical aspects of threat modeling and risk management, and apply effective coding practices to safeguard your applications. The curriculum is structured to empower you with the skills necessary to construct resilient web applications that withstand various security threats, ultimately guiding you towards achieving the C)SWAE certification.
Through this immersive course, developers will not only enhance their technical knowledge but also their strategic approach to web application security, making it an essential step for professionals who are serious about integrating security into their development process.
This comprehensive training ensures you are well-prepared to tackle security challenges in today’s complex web environments.
Course Objectives
- Understand Web Application Security Principles: Gain a deep understanding of the fundamental principles that underpin the security of web applications.
- Learn Secure Design Architecture: Acquire skills in crafting architectures that prioritize security from the ground up.
- Master Threat Modeling and Risk Management: Develop expertise in identifying potential threats and managing risks effectively.
- Implement Practical Coding Techniques: Apply hands-on coding methods to enhance the security of your web applications.
- Preparation for C)SWAE Certification: Equip yourself with the knowledge and skills necessary to successfully obtain the Certified Secure Web Application Engineer certification.
Certified Secure Web Application Engineer C)SWAE Exam Information
The Certified Secure Web Application Engineer exam is administered online through Mile2’s user-friendly Learning Management System (LMS).
- Duration: The exam will have a duration of approximately 2 hours.
- Question Type: It will consist of 100 multiple-choice questions.
- To successfully earn your certification as a Certified Secure Web Application Engineer (C)SWAE), you must achieve a minimum passing grade of 70% on the exam.
Prerequisites
- A minimum of 24 months’ experience in software technologies & security
- Sound knowledge of networking
- At least one coding language
- Linux understanding
- Open shell
Audience
The Certified Secure Web Application Engineer Certification Course is designed for those who have a background in web application development and want the skill set to make their applications secure. While not required, we recommend being familiar with general cyber security topics, including those taught in our C)ISSO: Information Systems Security Officer course.
- Pen Testers
- Security Officers
- Ethical Hackers
- Network Auditors
- Vulnerability assessors
- System Owners and Managers
- Cyber Security Engineers
Certified Secure Web Application Engineer Course Outline
Introduction to Web Application Security
- Emphasizes the significance of web application security.
- Explores web application technologies and architecture.
- Covers secure design architecture principles.
- Addresses common application flaws and defense mechanisms.
- Highlights the principles of defense-in-depth.
- Provides guidance on secure coding best practices.
OWASP TOP 10
- Offers an overview of the Open Web Application Security Project (OWASP).
- Provides in-depth coverage of OWASP TOP 10 for 2017 & 2018.
Threat Modeling & Risk Management
- Introduces tools and resources for threat modeling.
- Guides in identifying threats and countermeasures.
- Explores methodologies for threat modeling.
- Covers the analysis and management of risk.
- Discusses incremental threat modeling.
- Addresses security requirements identification.
- Offers insights into system analysis and root cause analysis.
Application Mapping & Analysis
- Explores techniques for mapping web applications.
- Discusses web spiders and vulnerability assessment.
- Includes methods for discovering hidden content and application analysis.
- Introduces the application security toolbox.
- Provides guidance on setting up a testing environment.
Authentication and Authorization Attacks
- Examines authentication types and associated attacks.
- Discusses modeling authorization and access control.
- Addresses authorization attacks and user management.
- Provides insights into password storage and security measures.
Session Management Attacks
- Highlights common session management vulnerabilities.
- Covers session hijacking and fixation.
- Discusses environment configuration attacks.
Application Logic Attacks
- Explores application logic vulnerabilities and exploitation.
- Addresses information disclosure and data transmission attacks.
Data Validation
- Covers input and output validation.
- Discusses trust boundaries and data validation attacks.
- Provides guidance on designing validation strategies and tactics.
- Addresses the secure handling of errors and exceptions.
AJAX Security
- Focuses on securing AJAX applications.
- Discusses web services and application server security.
- Offers protection against AJAX-related attacks.
Code Review and Security Testing
- Identifies insecure code and mitigation strategies.
- Explores security testing methodologies.
- Covers client-side and session management testing.
- Provides guidance on developing security testing scripts.
- Includes web application penetration testing.
Secure Software Development Lifecycle (SDLC)
- Offers an overview of the secure SDLC methodology.
- Explores the web hacking methodology.
Cryptography
- Covers the fundamentals of cryptography.
- Discusses key management and encryption techniques.
- Addresses digital signatures, certificates, and hashing algorithms.
- Highlights authorization attacks involving cryptography.
Hands-on Labs Using Kali Linux
- Provides practical exercises covering various security topics.
Annex: Alternative Labs
- Includes additional labs for hands-on practice and reinforcement.
Mile2 is accredited by the NSA-CNSS, approved on Homeland Security’s NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.
$3500.00 | 5 Days Course