The (Un-)Secure Web - Web security awareness training for developers and administrators

Recent studies indicate that more than 90% of all deployed webapplications are affected by serious security bugs. Effective countermeasures to mitigate attacks against web applications are already developed. However, their availability to developers as well as administrators does not seem to have any effect on this circumstance.

Most often this is a result of lacking security awareness. Thededicated training of security awareness regarding web applications improves the quality of developed applications essentially. Only ifyou know your enemy, you can fight back effectively.

Goals

While participating the "The (Un-)Secure Web" training you will learn how hackers attack a web application. Starting with common approaches you train how to attack a web server, a web application itself as well as backend systems like databases. In hands-on trainings you willperform the single steps of recent attacks and experience the attack paths of a real hacker.

Finally you will discuss possible countermeasures mitigating attacks and learn the basics of secure software development.

Content

• Environments at risk
  


• Attack possibilities
  


• Countermeasures
  


• Hands-on web hacking
  


• Secure software development
  

Requirements

• Basic knowledge of
  
  
  
  • web application development
    
  
  
  • webservers
    
  
  
  • HTTP and HTML
    
  
  
• Laptop

• 2 day training (09:00 - 12:00, 13:30 - 18:00)
• Fee incl. training material and lunch: CHF 2.200 or EUR 1.500 (excl. VAT)
• This training is also available as a company internal class -> please contact us
• Trainer: Jochen Haemmerle (OneConsult)
• Class language: German (or English)
• Class size: 5 - 15 students

Dauer