[SECU-WEB] : Web applications security

Duration and location

1 day

If inter : Hôtel Oceania Rennes – Saint-Grégoire, Bd Robert Schuman

35760 Saint-Grégoire, FRANCE

Rates

  • Inter : 700€ per person
  • Intra : 4200€ (12 participants maximum)
  • On-demand : Contact us

Registration and information

Registration at least 5 business days before the beginning of the training

Training referent : Mr Julien MOINARD
Disability referent : Mr Adrien SCHMOUKER

Email : academy@lootus.net

Tel : +33(0)2 30 96 02 83

For any questions, including access conditions for people with disabilities

Privacy

Our privacy policy is available here

GDPR Notice : Professional training

This training was last updated on April 3rd, 2023

Registration to [SECU-WEB] inquiry

Objectives

  • Understand the challenges of cybersecurity on the Web

  • Discover the top 10 web vulnerabilities from OWASP

  • Learn the basics of cryptography

  • Discover the best practices of Web development

Target audience

Web developers, project managers

Prerequisites

Experience in Web development is highly recommended.

Evaluation methods

  • MCQs at the beginning and end of the training
  • Training certificate in accordance with article L.6353-1 of the French Labour Code.

Methods used

  • PowerPoint course material (in French)
  • Teaching methods used: lecture, demonstration, experimentation
  • Practical work with the I²Cx Cyber Range training platform
  • For inter training, a computer will be provided to each participant
  • For intra training, the participants must already have a computer at their disposal, with the virtualization tool pre-installed (a download link is provided beforehand), and the following specifications:
      • At least 15GB of available disk space (to deploy the virtual machine);
      • At least 6GB of RAM;
      • At least 2 CPU cores (Intel i3, i5, i7 or AMD equivalent);
      • 2 free USB ports (USB2);
      • 64-bit OS with administrator privileges (Windows, Linux or Mac OS);
      • An OVA file to easily deploy the virtual machine will be provided.

Program

1. INTRODUCTION TO WEB CYBERSECURITY

2. LACK OF LOGGING AND MONITORING

3. UPDATES AND KNOWN VULNERABILITIES

4. POOR HEADER CONFIGURATIONS

5. CRYPTOGRAPHIC MISCONFIGURATIONS

6. SENSITIVE DATA EXPOSURE

7. XXE

8. BROKEN ACCESS CONTROL

9. DATABASE INJECTION

10. AUTHORIZATION DEFECTS