> > > ASD Detailed outline

AppSec for Developers (ASD)

Course Description Schedule Course Outline

Detailed Course Outline

Day 1

Authorization

  • Session Management
  • Logical Flaws
  • Web Server Misconfiguration
  • Application Server Misconfiguration
  • HTTP Methods
  • SSL and MITM attacks

Cross Site Issues

  • Cross Site Scripting
  • Cross Site Request Forgery
  • Session Fixation
  • CRLF Injection
  • Flash and Cross Domain Issues
Day 2

Server Side Issues

  • SQL Injection
  • File Uploads
  • Server Side Includes
  • File Inclusion
  • Direct Object Reference
  • OS Code Execution

Best Security practice

  • HSTS
  • Content Security Policy
  • Defence in Depth
 

Accessing our website tells us you are happy to receive all our cookies. However you can change your cookie settings at any time. Find out more.   Got it!