Secure Web Application Engineer


Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized criminal gangs, and foreign agents are able to exploit weaknesses in web applications. The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. The secure web application developer knows how to develop web applications that aren’t subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack. The vendor neutral Certified Secure Web Application Engineer certification provides the developer with a thorough and broad understanding of secure application concepts, principles and standards. The student will be able to design, develop and test web applications that will provide reliable web services that meet functional business requirements and satisfy compliance and assurance needs.

The Certified Secure Web Application Engineer course is delivered by high level OWASP experts and students can expect to obtain real world security knowledge that enables them to recognize vulnerabilities, exploit system weaknesses and help safeguard against application threats.

Duration: 5 days
Live Virtual Training
A minimum of 24 months’ experience in software technologies & security
Sound knowledge of networking
At least one coding Language
Linux understanding
Open shell
Student Materials:
Student Workbook
Student Lab Guide
Exam prep guide
Certification Exam:
Mile2’s CSWAE- Certified Secure Web Application Engineer
CPEs: 32 Hours

Web Application Engineers
IS Managers
Application Engineers
Upon completion, Certified Secure Web Application Engineer students will be able to establish industry acceptable auditing standards with current best practices and policies. Students will also be prepared to competently take the C)SWAE exam.
The Certified Secure Web Application Engineer exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your account. The exam will take 2 hours and consist of 100 multiple choice questions. The exam ust be purchased separately.
Module 1: Web Application Security
Module 2: OWASP TOP 10
Module 3: Threat Modeling & Risk Management
Module 4: Application Mapping
Module 5: Authentication and Authorisation attacks
Module 6: Session Management attacks
Module 7: Application Logic attacks
Module 8: Data Validation
Module 9: AJAX attacks
Module 10: Code Review and Security Testing
Module 11: Web Application Penetration Testing
Module 12: Secure SDLC
Module 13: Cryptography
Module 1 – Environment Setup and Architecture
Module 2 – OWASP TOP 10 2013
Module 3 – Threat Modeling
Module 04 – Application Mapping & Analysis
Module 5 – Authentication and Authorization attacks
Module 06 - Session Management attacks
Module 9 – AJAX Security
Module 10 – Code Review and Security Testing
Lab 10-1 – Code Review
Lab 10-2 Security Test Scripts
Lab 10-3 Writing Java Secure Code
Annex 11: Alternatives Labs
Lab 11-1: WebGoat & Webscarab
Lab 11-2: WebGoat - Cross Site Request Forgery (CSRF)
Lab 11-3: Missing Function Level Access Control
Lab 11-4: Perform Forced Browsing Attacks

Partener: Mile 2
Trainer: Mile2 Certified Trainer
Tip: Virtual
Durata: 5 zile

Alte cursuri similare
Cuvinte cheie