Course Outline
Introduction
Overview of the Web Security Testing Guide
- The OWASP Testing Project
- Tailoring and prioritizing for organizations
- Testing principles and techniques
- Security testing objectives and requirements
Exploring Various Testing Techniques
- Manual inspections and reviews
- Threat modeling
- Source code review
- Penetration testing
- Integration of security tests and data analysis
Understanding the OWASP Testing Framework
- Activities spanning from development to deployment
- Maintenance and operations
- End-to-end testing framework and workflow for the lifecycle
- Penetration testing methodologies
Conducting Web Application Security Testing
- Information gathering
- Testing for configuration and deployment management
- Identity management testing
- Authentication and authorization testing
- Session management testing
- Input validation testing
- Testing for error handling
- Testing for weak cryptography
- Business logic testing
- Client-side testing
- API testing
Reporting on Testing Assessments and Results
- Introduction section
- Executive summary
- Findings section
- Appendices
Getting Involved in the Web Security Testing Guide
- Referencing and linking WSTG scenarios
- Code of conduct
- Contribution guide
- Feature requests and feedback
Summary and Conclusion
Requirements
- A general understanding of the web development lifecycle
- Experience in web application development, security, and testing
Target Audience
- Developers
- Engineers
- Architects
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from 4800 € + VAT*
Contact us for an exact quote and to hear our latest promotions
Testimonials (2)
I really enjoyed learning about AI attacks and the tools out there to begin practicing and actively using for security testing. I took a lot of knowledge away which I didn't have at the beginning and the course met what I hoped it would be. My favorite part shown from the training was Comet Browser and was amazed at what it could do. Definitely something will be looking into more. Overall it was a great course and enjoyed learning all OWASP GenAI Top 10.
Patrick Collins - Optum
Course - OWASP GenAI Security
That every technical lesson came with multiple practical exercises to nail down the concepts.