Application Security Primer Course

Class Duration

• 1 day

Class Synopsis

Secure Ideas’ Application Security Primer is a lecture-based short-form course covering the foundations of application security. This course walks students through the OWASP® Top 10 and related defenses. Students will be able to explain the various vulnerabilities and what they mean to an application security program.

Agenda

The following serves as a tenative agenda for this class. The class is regularly updated to incorporate the latest information on modern web application concepts and attacks.

• Introduction
• OWASP®
• A1 - Injection
• A2 - Broken Authentication
• A3 - Sensitive Data Exposure
• A4 - External XML Entities (XXE)
• A5 - Access Control Flaws
• A6 - Security Misconfiguration
• A7 - Cross-Site Scripting (XSS)
• A8 - Insecure Deserialization
• A9 - Using Components with Known Vulnerabilities
• A10 - Insufficient Logging and Monitoring
• Defenses
• Summary
• Course Check Test

Prerequisites

Prerequisites
Students attending this class should, at a minimum, have familiarity with the following concepts:

• How the web works
• HTML
• JavaScript