Course Outline

Introduction

Overview of Web Security Testing Guide

  • The OWASP Testing Project
  • Tailoring and prioritizing for organizations
  • Testing principles and techniques
  • Security testing objectives and requirements

Exploring Various Testing Techniques

  • Manual inspections and reviews
  • Threat modeling
  • Source code review
  • Penetration testing
  • Security test integration and data analysis

Understanding the OWASP Testing Framework

  • Activities from development to deployment
  • Maintenance and operations
  • Lifecycle end-to-end testing framework and workflow
  • Penetration testing methodologies

Performing Web Application Security Testing

  • Information gathering
  • Configuration and deployment management testing
  • Identity management testing
  • Authentication and authorization testing
  • Session management testing
  • Input validation testing
  • Testing for error handling
  • Testing for weak cryptography
  • Business logic testing
  • Client-side testing
  • API testing

Reporting the Testing Assessment and Results

  • Introduction section
  • Executive summary
  • Findings section
  • Appendices

Getting Involved in the Web Security Testing Guide

  • Referencing and linking WSTG scenarios
  • Code of conduct
  • Contribution guide
  • Feature requests and feedback

Summary and Conclusion

Requirements

  • A general understanding of web development lifecycle
  • Experience in web application development, security, and testing

Audience

  • Developers
  • Engineers
  • Architects
  21 Hours
 

Need help picking the right course?
Call us +971 4871 6715

Testimonials

On point

Genting Malaysia Berhad

Related Courses

Web Security with the OWASP Testing Framework

  28 hours
The Open Web Application Security Project (OWASP) is an online community that creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. OWASP offers web security testing
Read More...

Secure Developer Java (Inc OWASP)

  21 hours
This course covers the secure coding concepts and principals with Java through Open Web Application Security Project (OWASP) methodology of testing. The Open Web Application Security Project is an online community which creates
Read More...

Secure Developer .NET (Inc OWASP)

  21 hours
This course covers the secure coding concepts and principals with ASP.net through the Open Web Application Security Project (OWASP) methodology of testing , OWASP is an online community which creates freely-available articles, methodologies,
Read More...

OWASP Top 10

  14 hours
The OWASP Top 10 is a community-led, open-source document developed by the Open Web Application Security Project (OWASP) Foundation that identifies the most common web application threats and vulnerabilities. OWASP Top 10 provides a comprehensive
Read More...

OWASP Mobile Security Testing Guide

  21 hours
The Mobile Security Testing Guide (MSTG) is a community-led, open-source testing resource that provides a comprehensive guide covering the processes, techniques, and tools used during security testing for mobile applications and services. The Open
Read More...

Python Programming - 4 days

  28 hours
This course is designed for those wishing to learn the Python programming language. The emphasis is on the Python language, the core libraries, as well as on the selection of the best and most useful libraries developed by the Python community.
Read More...

Website Development in PHP

  21 hours
The course familiarizes participants with the PHP language and its integration with the Web environment. The participant will learn how to make a dynamic page, write database applications and to protect applications from unauthorized
Read More...

Design Patterns in PHP

  14 hours
The course will cover the design patterns with particular emphasis on patterns used in PHP.
Read More...

Web Application Development in PHP

  21 hours
The course is designed for intermediate PHP developers who want to enrich their knowledge and learn best practices in programming and web development techniques based on object-oriented programming and design
Read More...

JavaScript - Advanced Programming

  14 hours
The training is designed for JavaScript developers, designing and implementing advanced Internet applications. Topics discussed during the training aimed at bringing best practices in JavaScript programming and highlight the most common mistakes. An
Read More...

Administration with Powershell

  35 hours
This intensive training provides the fundamental knowledge and skills to use Windows PowerShell for automating administration of Windows based computers. The skills taught in this course are applicable to all Microsoft products that use Windows
Read More...

Web Development with Symfony3

  28 hours
Symfony is a set of PHP Components, a Web Application framework, a Philosophy and a Community.
Read More...

Web application development with Flask

  14 hours
This practical course is addressed to Python developers that want to create and maintain their first web applications. It is also addressed to people who are already familiar with other web frameworks such as Django or Web2py, and want to learn
Read More...

Progressive Web Apps (PWA)

  14 hours
A Progressive Web App (PWA) is a web application that performs like a native mobile app. A Progressive Web App can be deployed as a regular website as well as a Native app on an app store. In this instructor-led, live training (onsite or remote),
Read More...

React: Build Highly Interactive Web Applications

  21 hours
React is an open source Javascript library that can be used to create interactive web and mobile applications. It is often compared to MVC frameworks such as Angular, Ember and Backbone, however, React is distinct in its focus on the UI of the
Read More...