Security awareness for Web developers
Length of course 2 Days
Target Audience
Web developers and project managers who are involved in development projects
Prerequisites
Participants should have a good understanding about Windows and Unix/Linux along with knowledge of TCP/IP and Networking
Course Description and Contents
- Introduction and Information Security : Introduces information security, its main concepts and why it is important
- OWASP in a nutshell : Provides insight about OWASP and its main subprojects
- What are Web Applications : Introduces web applications, technologies and frameworks that are used
- Secure Design Principles : Outlines security principles that should be observed by any developer
- Authentication : Exposes the different authentication methods and the risks that they introduce
- Cryptography : Explains the different cryptography families that exist, how they can be used and for what purpose
- Phishing, scamming, pharming, worms and malware : Introduces developers to these attack vectors
- SQL injections : Provides an in-depth analysis of this well-known type of attack
- XSS, XSSI, and XSRF injections : Analyses the concepts behind these recent attacks
- Client State validation : Describes the common pitfalls of session handling
- Buffer overflows : Analyses the concepts behind such attacks
- Error Handling : Describes the best practices in error handling
- Framework considerations : Elaborates on J2EE and/or .NET security considerations and tips
The dartalis consultants who will teach the course have a thorough understanding of the different attacks and security principles described during the class. They can obviously elaborate and go in-depth if a topic is of particular interest to the participant.
Cost 2.000,00 € (Including course, hand-outs & lunch, excl. VAT)
