
Finding and Fixing Web Application Security Vulnerabilities

  • Takes approximately 6 hours to complete

Description

Software security vulnerabilities are big business for potential attackers.

Identifying them early and knowing what common pitfalls to avoid can make a big difference to the resilience of your applications.

This course will help you to understand, identify, and avoid common software security vulnerabilities in your code.

Course Objectives

  • Common web application security vulnerabilities and how to find them.
  • Approaches to avoid or reduce these vulnerabilities and how they work.
  • The challenges and trade-offs we face when implementing these controls.

Modules

Module 1: Object Access Vulnerabilities

  • What causes object access vulnerabilities.
  • How to identify them and understand their impact.
  • How to protect your application from this vulnerability.

Module 2: Enumeration Vulnerabilities

  • What causes enumeration vulnerabilities and why they’re interesting to an attacker.
  • How to identify them and understand their impact.
  • How to protect your application from this vulnerability.

Module 3: SQL Injection Vulnerabilities

  • What causes SQL injection vulnerabilities and why they’re so powerful.
  • How to identify them and understand their impact.
  • How to protect your application from this vulnerability.

Module 4: Configuration Vulnerabilities

  • What causes configuration vulnerabilities and where in our stack we can find them.
  • How to identify them and understand their impact.
  • How to protect your application from this vulnerability.

Module 5: Operating System Injection Vulnerabilities

  • What causes Operating System Injection vulnerabilities and why they matter in a web-application-focused world.
  • How to identify them and understand their impact.
  • How to protect your application from this vulnerability.

Module 6: Cross Site Scripting Vulnerabilities (XSS)

  • What causes Cross Site Scripting (XSS) vulnerabilities and how they are exploited.
  • How to identify them and understand their impact.
  • How to protect your application from this vulnerability.

Module 7: Passwords and Authentication

  • Common password behaviours and why they happen.
  • How to securely store passwords within our applications.
  • Multi-factor authentication and the challenge of choosing the best one for your context.
  • Life beyond passwords and the future of authentication.

Module 8: Session Vulnerabilities

  • What causes session vulnerabilities and the rules we can follow to protect our session identifiers.
  • How to identify them and understand their impact.
  • How to protect your application from this vulnerability.

Module 9: Using Components with Known Vulnerabilities

  • Why does software have vulnerabilities?
  • How do we respond when our dependencies have vulnerabilities?
  • What is the impact of these vulnerabilities on us and the wider ecosystem?

Try SafeStack Academy today

See what makes our Secure Development training different with 14 days of free trial access.
No credit card required.