This training program aims to raise awareness among teams of developers of the IT risks associated with web application development. This module presents the techniques commonly used by hackers. The techniques presented are deepened and put into practice. The module details the best practices to adopt to protect against the attacks presented.
Overview
- Know the main flaws related to web applications
- Knowing how to detect the presence of the flaws presented
- Acquire good development practices
Course Curriculum
- Cybersecurity context
- OWASP
- Authentication and password management
- HTTP
- HTTP field manipulation
- Session management
- Path Traversal, LFI
- Caching
- RCE
- XSS
- SQL Injections
- CSRF
- Application denial of service
- XXE
- SSRF
- Unsecured deserialization
- Type Juggling
- Log forging
- Open Redirect
- OAuth2/OpenID
- Dependency Confusion
Learning Assessment
- Completion of online questionnaires after each sub-module
- Completion of a final online questionnaire covering all the concepts learned
- In the case of on-site training: carrying out practical exercises
The +
- Training provided by an expert in web application security
- The on-site trainings include practical exercises carried out by the participants themselves
Who should attend?
- Team of web developers
Prerequisites
- Basic knowledge of web environments: web language, SQL and Linux or Windows.
How and
when to access
The participant is considered registered when:
- The prerequisites and needs are identified and validated
- The training agreement is signed
Registration requests can be sent up to 5 working days before the start of the training.
Accessibility
Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment. If you need compensation or adaptation for the content, the supports, the place, the material used, the schedules, the rhythm, we are at your disposal.
Duration
2 days (14h)
+ OPCO support
Would you like more information?
contact us by filling out this form
