• Introduction and Information Security : Introduces information security, its main concepts and why it is important
• OWASP in a nutshell : Provides insight about OWASP and its main subprojects
• What are Web Applications : Introduces web applications, technologies and frameworks that are used
• Secure Design Principles : Outlines security principles that should be observed by any developer
• Authentication : Exposes the different authentication methods and the risks that they introduce
• Cryptography : Explains the different cryptography families that exist, how they can be used and for what purpose
• Phishing, scamming, pharming, worms and malware : Introduces developers to these attack vectors
• SQL injections : Provides an in-depth analysis of this well-known type of attack
• XSS, XSSI, and XSRF injections : Analyses the concepts behind these recent attacks
• Client State validation : Describes the common pitfalls of session handling
• Buffer overflows : Analyses the concepts behind such attacks
• Error Handling : Describes the best practices in error handling
• Framework considerations : Elaborate J2EE and/or .NET security considerations and tips

The dartalis consultants who will hold the course have a thorough understanding of the different attacks and security principles described during the class. They can obviously elaborate and go in-depth if a topic is of particular interest to the participant

Participants should have a good understanding about Windows and Unix/Linux along with knowledge of TCP/IP and Networking.