Course Outline
Part 1. Introduction
Basic concepts
- Security boundary
- Source and sink metaphors
- AppSec kill chain
- Threat modeling
Part 2. Backend
Backend overview
- Assets and attack vectors
- Backend threat model
Application boundary
- Frontline Overview
- Authentication and Authorization
- Session Management
- Input Validation
Database boundary
- Frontline Review
- SQL injection
- NoSQL injection
Operating system boundary
- Frontline Overview
- Memory Security
- Command Injection
- Path Traversal
- The Lights and Shadows of File Upload
- XML external entity reference
- Deserialization
Part 3. Frontend
Frontend overview
- The Cookie Tragedy
- Same-Origin Policy
- JavaScript
- Frontend Threat Model
Origin boundary
- Cross-site scripting frontline review
- Cross-site request forgery
- Cross-site leaks
- Other problems
Part 4. Big questions
How to keep a secret?
- Secrets management
- Managing sensitive data
How to ensure code and data integrity?
- Supply chain attacks
- Cache poisoning
How to maintain availability?
- About the importance of keeping a diary
- Self-healing systems
- Surviving disasters
- Surviving volume attacks
14 Hours
Testimonials (1)
A wide range of topics and interesting facts added by the trainer from time to time.
Kamil - Komenda Główna Straży Granicznej
Course - Bezpieczeństwo aplikacji internetowych
Machine Translated