Certified Web Application Security Professional (CWASP)
The course provides comprehensive coverage of web application security. It presents security guidelines and considerations for web application development. Participants will learn the basics of application security, how to enforce security on a web application, the basics of threat modelling, threat profiling, OWASP Top Ten testing, black box testing, and source code reviews.
Course Contents
Session One: Introduction and Case Study
Module 1: Introduction
Module 2: Learnings from case studies
Session Two: Threat Modelling
Module 3: Application Security - An overview
Module 4: Threat Modeling - Objectives
Module 5: Threat Modeling - Meaning and Terminology
Module 6: Hacker's Interest Area
Module 7: Threat Profiling
Module 8: Practical Considerations
Module 9: Case Studies
Session Three: Introduction to Application Vulnerabilities
Module 10: OWASP Top Ten
Module 11: OWASC List of Vulnerabilities
Session Four: Functional v/s Security testing
Module 12: What is Functional testing?
Module 13: What is Security testing?
Module 14: Differences
Module 15: Tools for Functional and Security testing
Session Six: Continuous security testing and assessments
Module 17: Risk based approach
Module 18: Conducting VAPT, Source code audits, Infrastructure reviews
Who should attend this training?
All web app developers, testers and designers who wish to improve their security skills
Developers and System Architects wishing to improve their security skills and awareness
Team Leaders and Project Managers
Objectives of the course
Upon completion of this course, participants will be able to:
• Understand the need for security
• Understand the various security threats and countermeasures
• Design and develop secure web applications