$397.00 USD

Change payment method

An account already exists with this email address. Is this you?

Sign in
4qhq3qfatgukw5vyduxs file

OWASP Top 10 Training

Overview

The OWASP Top 10 Training course covers vulnerabilities, attacks, and mitigations for the 2017 Open Web Application Project. The course consists of theory, instructor-led demonstrations of exploitations, and hands-on labs. The objective of the training is to hone the student's ability to recognize security vulnerabilities when conducting their own assessments, building applications, or developing security programs.

Highlights:

  • 14 Modules with 2 hours 40 minutes of instruction
  • 13 Assessment Tests
  • Instructor-Led Demonstrations of exploitations against vulnerabilities
  • 14 Student Labs
  • Downloadable Materials and Virtual Machines
  • Certificate of Completion
  • 16 CEUs
  • 90 Days Access

Target Student

Software developers, testers, and architects who design and develop
software in various programming languages and platforms including desktop, web, mobile, and cloud, and who want to improve their ability to deliver secure software.

Course Outline

Module 1: OWASP Top 10 Overview

  • About OWASP
  • What is the OWASP Top 10?
  • OWASP Terms

Module 1 Assessment

Module 2: Application Security Risks

  • Application Risks
  • OWASP Risk Rating Methodology

Module 2 Assessment

Module 3: Lab Setup

  • Software Considerations
  • Networking
  • Lab Setup Demonstration

Module 3 Assessment

Module 4: A1 – Injection

  • Injection Overview
  • Injection Prevention
  • Injection Exploitation Demonstration
  • Student Lab

Module 4 Assessment

Module 5: A2 – Broken Authentication

  • Broken Authentication Overview
  • Broken Authentication Prevention
  • Broken Authentication Exploitation Demonstration
  • Student Lab

Module 5 Assessment

Module 6: A3 – Sensitive Data Exposure

  • Sensitive Data Exposure Overview
  • Sensitive Data Exposure Prevention
  • Sensitive Data Exposure Demonstration
  • Student Lab

Module 6 Assessment

Module 7: A4 – XML External Entity Injection

  • XML External Entity Injection Overview
  • XML External Entity Injection Prevention
  • XML External Entity Injection Demonstration
  • Student Lab

Module 7 Assessment

Module 8: A5 – Broken Access Control

  • Broken Access Control Overview
  • Broken Access Control Prevention
  • Broken Access Control Exploitation Demonstration
  • Student Lab

Module 8 Assessment

Module 9: A6 - Security Misconfiguration

  • Security Misconfiguration Overview
  • Security Misconfiguration Prevention
  • Security Misconfiguration Exploitation Demonstration
  • Student Lab

Module 9 Assessment

Module 10: A7 – Cross-Site Scripting

  • Cross-Site Scripting Overview
  • Cross-Site Scripting Prevention
  • Cross-Site Scripting Exploitation Demonstration
  • Student Lab

Module 10 Assessment

Module 11: A8 – Insecure Deserialization

  • Insecure Deserialization Overview
  • Insecure Deserialization Prevention
  • Insecure Deserialization Exploitation Demonstration
  • Student Lab

Module 11 Assessment

Module 12: A9 – Using Components with Known Vulnerabilities

  • Using Components with Known Vulnerabilities Overview
  • Using Components with Known Vulnerabilities Prevention
  • Using Components with Known Vulnerabilities Exploitation Demonstration
  • Student Lab

Module 12 Assessment

Module 13: A10 – Insufficient Logging & Monitoring

  • Insufficient Logging & Monitoring Overview
  • Insufficient Logging & Monitoring Prevention
  • Insufficient Logging & Monitoring Exploitation Demonstration
  • Student Lab

Module 13 Assessment

Module 14: Course Summary

Appendix: Additional Labs

  • Practical Exercises Walkthrough