Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Secure Web Application Engineer On-Demand
Description
The Certified Secure Web Application Engineer (CSWAE) On-Demand program is designed for individuals with a background in web application development who want to enhance their skills and secure their applications. This comprehensive course covers web application security, secure design architecture, threat modeling, risk management, and practical coding techniques to build robust and resilient web applications, all accessible at your own pace.
Outline
Module 1: Introduction to Web Application Security
- Understanding the importance of web application security
- Web application technologies and architecture
- Secure design architecture
- Common application flaws and defense mechanisms
- Principles of Defense-in-depth
- Secure coding best practices
Module 2: OWASP TOP 10
- Overview of the Open Web Application Security Project (OWASP)
- In-depth coverage of OWASP TOP 10 for 2017 & 2018
Module 3: Threat Modeling & Risk Management
- Tools and resources for threat modeling
- Identifying threats and countermeasures
- Methodologies for threat modeling
- Analyzing and managing risk
- Incremental threat modeling
- Security requirements identification
- Understanding the system and root cause analysis
Module 4: Application Mapping & Analysis
- Techniques for mapping web applications
- Web spiders and vulnerability assessment
- Discovering hidden content and application analysis
- Application security toolbox
- Setting up a testing environment
Module 5: Authentication and Authorization Attacks
- Authentication types and attacks
- Modeling authorization and access control
- Authorization attacks and user management
- Password storage and security measures
Module 6: Session Management Attacks
- Common session management vulnerabilities
- Session hijacking and fixation
- Environment configuration attacks
Module 7: Application Logic Attacks
- Exploiting application logic vulnerabilities
- Information disclosure and data transmission attacks
Module 8: Data Validation
- Input and output validation
- Trust boundaries and data validation attacks
- Designing validation strategies and tactics
- Handling errors and exceptions securely
Module 9: AJAX Security
- Securing AJAX applications
- Web services and application server security
- Protecting against AJAX-related attacks
Module 10: Code Review and Security Testing
- Identifying insecure code and mitigation
- Security testing methodologies
- Client-side and session management testing
- Developing security testing scripts
- Web application penetration testing
Module 11: Secure Software Development Lifecycle (SDLC)
- Overview of the secure SDLC methodology
- Web hacking methodology
Module 12: Cryptography
- Fundamentals of cryptography
- Key management and encryption techniques
- Digital signatures and certificates
- Hashing algorithms and authorization attacks
Module 13: Hands-on Labs Using Kali Linux
- Practical exercises covering various security topics
Annex: Alternative Labs
- Additional labs for hands-on practice and reinforcement
Self-Study Package (1-year access):
- Individual Course Access
- Online Course Video
- E-Book
- E-Lab Guide
- Exam Prep
- Exam
- Cyber Range Access
Prerequisites
- A minimum of 24 months’ experience in software technologies & security
- Sound knowledge of networking
- At least one coding language
- Linux understanding
- Open shell
Audience
The Certified Secure Web Application Engineer Certification Course is designed for those who have a background in web application development and want the skill set to make their applications secure. While not required, we recommend being familiar with general cyber security topics, including those taught in our C)ISSO: Information Systems Security Officer course.
- Pen Testers
- Security Officers
- Ethical Hackers
- Network Auditors
- Vulnerability assessors
- System Owners and Managers
- Cyber Security Engineers
$1095.00