Course Outline
Introduction
Overview of the Web Security Testing Guide
- The OWASP Testing Project.
- Tailoring and prioritising for organisations.
- Testing principles and techniques.
- Security testing objectives and requirements.
Exploring Various Testing Techniques
- Manual inspections and reviews.
- Threat modelling.
- Source code review.
- Penetration testing.
- Integration of security testing and data analysis.
Understanding the OWASP Testing Framework
- Activities from development to deployment.
- Maintenance and operations.
- End-to-end lifecycle testing framework and workflow.
- Penetration testing methodologies.
Performing Web Application Security Testing
- Information gathering.
- Configuration and deployment management testing.
- Identity management testing.
- Authentication and authorisation testing.
- Session management testing.
- Input validation testing.
- Testing for error handling.
- Testing for weak cryptography.
- Business logic testing.
- Client-side testing.
- API testing.
Reporting the Testing Assessment and Results
- Introduction section.
- Executive summary.
- Findings section.
- Appendices.
Getting Involved in the Web Security Testing Guide
- Referencing and linking WSTG scenarios.
- Code of conduct.
- Contribution guide.
- Feature requests and feedback.
Summary and Conclusion
Requirements
- A general understanding of the web development lifecycle.
- Experience in web application development, security, and testing.
Audience
- Developers.
- Engineers.
- Architects.
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from 3900 € + VAT*
Contact us for an exact quote and to hear our latest promotions
Testimonials (2)
I really enjoyed learning about AI attacks and the tools out there to begin practicing and actively using for security testing. I took a lot of knowledge away which I didn't have at the beginning and the course met what I hoped it would be. My favorite part shown from the training was Comet Browser and was amazed at what it could do. Definitely something will be looking into more. Overall it was a great course and enjoyed learning all OWASP GenAI Top 10.
Patrick Collins - Optum
Course - OWASP GenAI Security
That every technical lesson came with multiple practical exercises to nail down the concepts.
