Web Application Security 101

Web Application Security

This highly interactive, intensive 2-day workshop provides essential web application security training for institution IT staff and software developers.

The workshop will cover the security aspects required to develop a secure Internet-facing application, how to code securely in order to help prevent security vulnerabilities, and how to test for security vulnerabilities. The workshop will introduce core concepts in relation to secure application development and associated vulnerabilities, and discuss prevention techniques and how to test for and detect security issues throughout the development lifecycle.

Course details

  • Running: Thursday 19th and Friday 20th July
  • Duration: 2 Days from 09:30 -> 16:30
  • Location: HEAnet Offices, Dublin
  • Fee: €300 per delegate.

Topics Covered:

Day 1:

  • HTTP security basics and tools for testing
  • Input validation theory, techniques and associated vulnerabilities
  • SQL Injection, Command Injection, XSS
  • Output Encoding theory, techniques and associated vulnerabilities, DOM XSS
  • Authorisation best practice & CSRF attacks

Day 2:

  • Authentication best practice
  • Session Management / Cookie security best practice
  • Logging best practice
  • Error Handling
  • Client-Side Security – Click-Jacking, CSP
  • Security in the SDL (Systems Development Lifecycle)

All delegates will receive a workbook and software.

Lunch and refreshments will be provided.

Requirements:

This workshop is fully hands-on and requires delegates to bring a laptop running Windows XP or higher, with a USB slot to install the lab software.

About Instructor:

Eoin Keary CISSP, CISA.

Eoin Keary is the CTO and founder of BCC Risk Advisory Ltd. (bccriskadvisory.com), a local Irish company that specialises in secure application development, advisory, penetration testing, mobile and cloud security, and training.

He is also an international board member and vice chair of OWASP, the Open Web Application Security Project (owasp.org). During his time in OWASP he has led the OWASP Testing and Security Code Review Guides and also contributed to OWASP SAMM, ASVS and the OWASP Cheat Sheet Series.

Eoin has led global security engagements for some of the world’s largest financial services and consumer products companies. He is a well-known technical leader in industry in the area of software security and penetration testing.
