Training

Awareness – Web Application Security

One of the most important foundations for practising security is to gain an awareness of the threats posed by the web. Participants of this course will learn how to detect and evaluate threats and work towards finding and reflecting about effective countermeasures.

Our compact Awareness Training is sufficient to obtain the proper background knowledge of web application security. Only by knowing and correctly assessing the threats is it possible to come to the right conclusions. In our course, we demonstrate how attackers operate, what motivates them and how simple it can be, under certain circumstances, to inflict serious damage. We examine particularly spectacular cases that have come to light for their relevance to the company’s own environment. It is not our intention to fan fear by inflating exotic cases, but rather to examine real threats within the context of a particular company or sector. Finally, we draw a link to pragmatic approaches and modern practices for security on the web.

We also offer this training course as a workshop, in which the client’s situation, their protection needs and specific approach to improving security can be incorporated and discussed, with focus on finding a solution. We would be pleased to advice you on the individual configuration of your training session.

Our trainers’ high credibility in presenting actual threats is based on many years of hands-on experience.

Content

  • Attacks
    • Cross-Site Scripting (XSS)
    • SQL-Injection
    • CSRF, Clickjacking
    • Phishing/Spear-phishing
  • Defenses
    • Eingabevalidierung, Ausgabekodierung
    • Anti-Automatisierung

Target Audience

  • Decision Maker
  • Projectmanager
  • Software Architects
  • Software Developer
  • Safety Advisor

Duration

from half a day to a full day

Requirements

none

Trainer

Dr. Bastian Braun

Security Advisor in many software projects

Dr. Benjamin Kellermann