iSAQB Module WEBSEC - 3 days
The training contents at a glance
- Analysis of risks, model and protection goals:
Identification of assets and risks, security as a process, common guidelines and standards.
- Secure design and development process:
Validation of inputs, basic patterns for coding, access concepts, supporting infrastructure components.
- Known attacks and attack vectors:
Injection attacks, social engineering, runtime environment attacks, man in the middle attacks
- Security and infrastructure:
Firewalls, intrusion detection, use of TLS
Technology 20 | Methodology 10 | Communication -
Duration: 3 days of 8 hours each
Software architects and developers at every level of their development. Web security touches all levels of layout, development, test and ops. It is usually too late to make a software product "secure" until after its development has been completed.