Please note: This course is hold in German. For courses in English, please contact Compass
Security directly: Telefon +41 55 214 41 60 or
team@csnc.ch
The following course is offered in co-operation with ISACA and the ITACS Training AG in Zurich.
Further information is available for you on
www.itacs.ch where you may also enrol for this course.
Target group:
- Security Officers
- Web developers
- Continuation of the course LAB-WAB
Requirements:
- Familiarity with the Windows command line
- Knowledge of the HTTP protocol
- JavaScript, GET/POST, XML are known terms
- Attendance of the course LAB-WAB
Contents:
- Repetition OWASP TOP 10
- Introduction Web 2.0
- XML attacks
- XPath injection
- Ajax, XMLHttpRequest and Same Origin Policy (Bypass)
- Google Web Toolkit / DWR Framework
- Web Application Firewall (Airlock, SES, NevisWeb, OpenSource, …)
- Discussion on defence measures / priorities
Scope:
The course is focussed on the Web layer. Nessus, Nmap and vulnerability scanning are not part
of this course (these topics are dealt with in the course LAP-NP). The course is the continuation
of the basic course LAB-WAB.
|