Introduction:
Certified Secure Web Application Engineer Training (CSWAE) Workshop Course with hands-on lab Exercises – Duration: 4 Days (Instructor-led Online/Classroom Live)
ACCREDITATIONS & ACKNOWLEDGEMENTS
- Accredited by the NSA CNSS 4011-4016
- Mapped to NIST / Homeland Security NICCS’s Cyber Security Workforce Framework
- Approved on the FBI Cyber Security Certification Requirement list (Tier 1-3)
Certified Secure Web Application Engineer Training (CSWAE); Organizations and governments fall victim to internet-based attacks every day. In many cases, web attacks could be thwarted but hackers, organized criminal gangs, and foreign agents are able to exploit weaknesses in web applications.
The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. The secure web application developer knows how to develop web applications that aren’t subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack.
Web applications are increasingly more sophisticated and as such, they are critical to almost all major online businesses. As more applications are web enabled, the number of web application security issues will increase, traditional local system vulnerabilities, such as directory traversals, overflows and race conditions, are opened up to new vectors of attack.
The responsibility for the security of sensitive systems will rest increasingly with the web developer, rather than the vendor or system administrator. As with most security issues involving client/server communications, Web application vulnerabilities generally stem from improper handling of client requests and/or a lack of input validation checking on the part of the developer.
Exam Information:
- The Certified PowerShell Hacker exam is taken online through our Assessment and Certification System (“MACS”), which is accessible on your mile2.com account. The Certified Secure Web Application Engineer (CSWAE) exam will take 2 hours and consists of 100 multiple choice questions. The cost is $400 USD and must be purchased from us.
Student Materials:
- Student Workbook
- Student Prep Guide
- Student Lab Guide
- CPEs: 32
Certification Exams:
- Mile2 CSWAE – Certified Secure Web Application Engineer Training (CSWAE)
Related Courses
- Certified Penetration Testing Engineer Training (CPTE)
- Certified Digital Forensics Examiner Training (CDFE)
- Certified Cloud Security Officer Training (CCSO)
- Certified Penetration Testing Consultant Training (CPTC)
- Certified Vulnerability Assessor Training (CVA)
- Certified Security Principles Training (CSP)
Customize It:
- If you are familiar with some aspects of Certified Secure Web Application Engineer (CSWAE), we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the Certified Secure Web Application Engineer Training (CSWAE) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Certified Secure Web Application Engineer (CSWAE) course in manner understandable to lay audiences.
Audience/Target Group:
The target audience for this Certified Secure Web Application Engineer (CSWAE) course:
- Coders
- Web Application Engineers
- IS Managers
- Application Engineers
- Developers
- Programmers
Certified Secure Web Application Engineer Training (CSWAE) – Course Prerequisites:
The knowledge and skills that a learner must have before attending this Certified Secure Web Application Engineer (CSWAE) course are:
- A minimum of 24 months’ experience in software technologies & security
- Sound knowledge of networking
- At least one coding Language
- Linux understanding
- Open shell
Certified Secure Web Application Engineer Training (CSWAE) – Objectives:
After completing this Certified Secure Web Application Engineer (CSWAE) course, students will be able to:
- Establish industry acceptable auditing standards with current best practices and policies.
- Students will also be prepared to competently take the CSWAE exam.
Certified Secure Web Application Engineer Training (CSWAE) – Course Syllabus
Introduction
- Module 1: Web Application Security
- Module 2: OWASP Top 10
- Module 3: Threat Modeling & Risk Management
- Module 4: Application Mapping
- Module 5: Authentication and Authorization Attacks
- Module 6: Session Management Attacks
- Module 7: Application Logic Attacks
- Module 8: Data Validation
- Module 9: AJAX Attacks
- Module 10: Code Review And Security Testing
- Module 11: Web Application Penetration Testing
- Module 12: Secure SDLC
- Module 13: Cryptography
LABS Outline:
- Module 1: Environment Setup and Architecture
- Module 2: OWASP TOP 2013: Session Management Attacks
- Module 3: Threat Modeling
- Module 4: Application Modeling and Analysis
- Module 5: Authentication and Authorization Attacks
- Module 6: Session Management Attacks
- Module 9: AJAX Security
- Module 10-1: Code Review
- Module 10-2: Security Test Scripts
- Module 10-3: Writing Java Secure Code
- Annex 11: Alternatives Labs
- Lab 11-1 4: WebGoat & WebScarab
- Lab 11-2: WebGoat – Cross-Site Request Forgery (CSRF)
- Lab 11-3 Missing Function Level Access Control
- Lab 11-4: Perform Forced Browsing Attacks
Certified Secure Web Application Engineer Training (CSWAE) Workshop course Wrap-Up
Whether you are looking for general information or have a specific question, we want to help!
Request More Information