E-Learning Introduction to Web Application Security

In one hour, this course gives students the basic concepts and terminology needed to understand application security issues. It provides a definition of application-level security and demonstrates how these concerns extend beyond those of traditional infrastructure security. We discuss common application security vulnerabilities such as SQL injection, Cross-Site Scripting (XSS) and authorization issues.

Lesson 1: Intro & Concepts
After completing this lesson, you should be able to:

  • Explain how actual application functionality differs from the intended functionality and why that difference is interesting to an attacker
  • Realize the potential for application inputs to be used as avenues for attack

Lesson 2: Real Case Studies - Notable Breaches
After completing this lesson, you should be able to:

  • Appreciate the impact of poor security in production environments
  • Justify the mitigation effort to minimize exposed attack surfaces

Lesson 3: Application Attack Demonstration
After completing this lesson, you should be able to:

  • Understand the approaches an attacker uses to find application-level vulnerabilities
  • Understand the potential for malicious use of features in a vulnerable application

Lesson 4: What is Application Security and Why is it Important?
After completing this lesson, you should be able to:

  • Provide a working definition of application security
  • Provide explanations of the chief application security concerns: Confidentiality, Integrity and Availability
  • Explain why application security is important for organizations to address
  • Describe the roles that major regulatory requirements play in secure application development

Lesson 5: SQL Injection Activity
After completing this lesson, you should be able to:

  • Understand the basics of an SQL Injection attack
  • Understand the potential impact of exploited SQL injection vulnerabilities
  • Understand the basics of protecting an application from injection attacks

Lesson 6: HTTP Basics
After completing this lesson, you should be able to:

  • Explain the difference between GET and POST requests
  • Explain the lifecycle of HTTP requests
  • Explain the benefits and risks of session authentication over HTTP Basic authentication

Lesson 7: Cross-Site Scripting Activity
After completing this lesson, you should be able to:

  • Describe the mechanics behind Cross-Site Scripting (XSS) vulnerabilities and attacks
  • Understand how XSS can abuse a user's trust
  • Understand the types of risks the exploitation of XSS vulnerabilities poses to web applications

Free demonstration?

Please contact us for more information, a free demonstration or prices by phone (016/29.79.22), by e-mail (sales@zionsecurity.com) or by filling in the contact form on our website.