IT-Consulting

Timo Pagel | Web- and Cloud Security Training Expert

Security in Web Applications Advanced

Description

During this training, web developers will learn about the most common threats to web applications and what countermeasures can be taken. The open source project OWASP Juice Shop is used as an example application with vulnerabilities.

The concepts learned can be applied to any programming language and architecture.

After completing the course, participants will know the importance of web security for companies and organizations. They will acquire basic theoretical knowledge and methodological knowledge based on this knowledge in order to be able to carry out a (simple) risk assessment of web applications and to be able to offer approaches for securing them. You will gain an understanding of the interplay between the software development process and security.

Train efficiently

Content

Brief introduction to web basics
Basics of IT security
Threats oriented on the OWASP Top Ten
Security in a service-oriented world, oriented on the OWASP API Security Top 10
Docker security for developers
Mobile Security
Security in the development lifecycle
In the last three hours, participants will put their acquired knowledge to the test in a Capture the Flag / Tournament

Exercises consist of an attack part, where the threat is first learned through hands-on sample, and a defense part, where measures to reduce or defend against the threat presented or implemented.

Target audience:

All developers who have been involved in web application development for at least two years and for whom the following do not raise any question marks: HTML, HTTP, SQL, browsers.

Methodik

Learning by doing is one of the most important paradigms. More about the training methodology here.

Trainer

Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.