Application Security Training and Source Code security
The course will focus on common security threats to web applications and what are countermeasures strategies available. The primary aim of the course is to educate developers, designers, architects and organizations about the consequences of the most common web application security vulnerabilities and methodology to protect against such vulnerabilities.
The course draws upon various published research and best practices in this area, like OWASP top 10 web application attacks, CERT, Microsoft's writing secure code, Web Application Security Consortium, CVE database published by MITRE, etc.
1. Introduction of information security scenario.
2. Primer on Web Application Security.
3. Common Threats and Vulnerabilities in Web application.
4. Breaking the network into Web, Application and Database.
5. Common attacks at Web end.
6. Common attacks at the Application end.
7. Common attacks at Database end including Code Injection Flaws / Sql Injection
8. Hands on simulation on common web application attack scenarios.