Upcoming Meetups

No upcoming Meetups

What we're about

Crash Course Series

This new Crash Course webinar training series will focus on defending against common/critical web application vulnerabilities, starting with secure design and coding practices. The series give you a better understanding of defensive tactics you can use to secure your apps against exploitation.

Throughout the course, you will learn using real-world examples taught by the senior trainer who runs the WhiteHat Academy for our Threat Research Center.

Technical Topics

• Sensitive Data Exposure: Introduction to web application security concepts, Testing Methodologies,Threat Modeling, the Reconnaissance Phase of Testing, Information Leakage, Fingerprinting, Directory Indexing, and Server/Application Misconfiguration

• Injection-Based Vulnerabilities: Improper Input Handling, SQL and XML Injection, Injection in Conjunction with Social Engineering, Cross Site Scripting, Content Spoofing, and URL Redirector Abuse

• Broken Authentication/Access Control: Brute Force, Insufficient Authorization/Authentication, Insufficient Session Expiration, Session Prediction, and Cross Site Request Forgery

Who Should Attend
- Application developers, security analysts, architects, managers, or auditors
- Any security professionals interested in learning more about how web application security is key to vulnerability management

Register for a single course or the entire webinar series. Each webinar is two hours long. Attendees will receive a Certification of Completion for CPE credits after each session.

Part 1: Sensitive Data Exposure
Tuesday, April 24, 2018 at 10:00am PT

- Introduction to web application security concepts
- Testing Methodologies
- Threat Modeling Systems
- The Reconnaissance Phase of Testing
- Information Leakage
- Fingerprinting
- Directory Indexing
- Server/Application Misconfiguration

Part 2: Injection-Based Vulnerabilities
Tuesday, May 15, 2018 at 10:00am PT

- Improper Input Handling
- SQL Injection
- XML Injection
- Injection in Conjunction with Social Engineering
- Cross-Site Scripting (XSS)
- Content Spoofing
- URL Redirector Abuse

Part 3: Broken Authentication/Access Control
Tuesday, June 5, 2018 at 10:00am PT

- Brute Force
- Insufficient Authorization
- Insufficient Authentication
- Insufficient Session Expiration
- Session Prediction
- Cross-Site Request Forgery

Register here today!

Members (23)

Photos (2)