Please accept cookies to help us improve this website Is this OK? Yes No More on cookies »
Item number: 118051922

Web App Vulnerability Analyst Training

Item number: 118051922

Web App Vulnerability Analyst Training

298,00 360,58 Incl. tax

Web App Vulnerability Analyst E-Learning Training Certified Teachers Exam Quizzes Assessments Test Exam Live Labs Tips Tricks Certificate.

Read more
Discounts:
  • Buy 2 for €292,04 each and save 2%
  • Buy 3 for €289,06 each and save 3%
  • Buy 5 for €277,14 each and save 7%
  • Buy 10 for €268,20 each and save 10%
  • Buy 25 for €253,30 each and save 15%
  • Buy 50 for €232,44 each and save 22%
  • Buy 100 for €208,60 each and save 30%
  • Buy 200 for €149,00 each and save 50%
Availability:
In stock
Delivery time:
Ordered before 5 p.m.! Start today.
  • Award Winning E-learning
  • Lowest price guarantee
  • Personalized service by our expert team
  • Pay safely online or by invoice
  • Order and start within 24 hours

Web App Vulnerability Analyst E-Learning

Web application security is an essential skill for any software development. OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus that is used to raise awareness to developers, designers, architects, managers, and organizations about the consequences of OWASP Top 10 most common and most important web application security weaknesses. Organizations that address these flaws greatly reduce the risk of web applications being compromised, and in this Skillsoft Aspire journey we will help learners understand the risks associated with the OWASP Top 10. We will review each of the OWASP Top 10 items and discuss how to discover and exploit web app vulnerabilities. Having OWASP Top 10 awareness across all parts of the organization will go a long way in building secure applications across the entire organization.
We will first provide an overview of Web Application Security and why it is important today to understand vulnerabilities. We will then review each of the OWASP Top items. We will then conclude this track by reviewing how to discover and exploit web app vulnerabilities.

Learning Kits are structured learning paths, mainly within the Emerging Tech area. A Learning Kit keeps
the student working toward an overall goal, helping them to achieve your career aspirations. Each part takes the student step by step through a diverse set of topic areas. Learning Kits are
made up of required tracks, which contain all of the learning resources available such as Assessments (Final Exams), Mentor, Practice Labs and of course E learning. And all resources with a 365 days access from first activation.

This Learning Kit, with more than 12 hours of online content, is divided into the following tracks:

Course content

E-learning courses (12 hours +)

OWASP Top 10: Web Application Security

Course: 1 Hour, 38 Minutes

  • Course Overview
  • Web Application Development
  • Secure Coding
  • The Open Web Application Security Project
  • OWASP Zed Attack Proxy and Burp Suite
  • OWASP Enterprise Security API
  • Static and Dynamic Software Testing
  • Running the Metasploitable Vulnerable VM
  • Vulnerability Scanning and Penetration Testing
  • Performing Network Mapping with Nmap
  • Vulnerability Scanning with OpenVAS
  • Comparing Network Scans Using the Zenmap GUI
  • Web Application Firewall
  • Deploying a WAF in Microsoft Azure
  • Course Summary

OWASP Top 10: A1 - Injection

Course: 40 Minutes

  • Course Overview
  • Web Application Development
  • Secure Coding
  • The Open Web Application Security Project
  • OWASP Zed Attack Proxy and Burp Suite
  • OWASP Enterprise Security API
  • Static and Dynamic Software Testing
  • Running the Metasploitable Vulnerable VM
  • Vulnerability Scanning and Penetration Testing
  • Performing Network Mapping with Nmap
  • Vulnerability Scanning with OpenVAS
  • Comparing Network Scans Using the Zenmap GUI
  • Web Application Firewall
  • Deploying a WAF in Microsoft Azure
  • Course Summary

OWASP Top 10: A2 - Broken Authentication

Course: 1 Hour, 32 Minutes

  • Course Overview
  • Authentication and Authorization
  • Broken Authentication Attacks
  • Hashing Credentials
  • Encrypting Credentials over the Network
  • Analyzing Plain Text Transmissions Using Wireshark
  • Deploying Password Policies Using Group Policy
  • Cracking Web Form Passwords with Hydra
  • Cracking Web Form Passwords with Burp Suite
  • Cracking RDP Passwords with Hydra
  • Cracking Linux User Account Passwords
  • Using Deception to Steal Credentials
  • Enabling User Multi-factor Authentication
  • Configuring Conditional Access Policies
  • Mitigating Broken Authentication Attacks
  • Course Summary

OWASP Top 10: A3 - Sensitive Data Exposure

Course: 1 Hour, 48 Minutes

  • Course Overview
  • Sensitive Data Exposure Attacks
  • Personally Identifiable Information
  • Data Privacy Security Standards
  • Classifying Data with Microsoft File Server Resource Manager
  • Classifying Data with Amazon Macie
  • Configuring Azure Information Protection
  • Hashing Files in Windows
  • Hashing Files in Linux
  • Encrypting Data at Rest with Encrypting File System
  • Encrypting Data at Rest with Microsoft BitLocker
  • PKI Certificates
  • Enabling HTTPS for a Web Application
  • Enabling IPsec for LAN Traffic
  • Encrypting Cloud Storage with Key Vault Keys
  • Mitigating Sensitive Data Exposure Attacks
  • Course Summary

OWASP Top 10: A4 - XML External Entities

Course: 32 Minutes

  • Course Overview
  • Extensible Markup Language
  • XML External Entity Attacks
  • Scanning For XXE Vulnerabilities
  • Executing an XXE Attack
  • Mitigating XXE Attacks
  • Course Summary

OWASP Top 10: A5 - Broken Access Control

Course: 1 Hour, 31 Minutes

  • Course Overview
  • Access Control Models
  • Broken Access Control Attacks
  • HTTP Methods
  • Managing Windows File System Permissions
  • Managing Linux File System Permissions
  • Managing Attribute-based File System Permissions
  • Assigning Code Permissions in the Cloud
  • Digitally Signing PowerShell Scripts
  • Identity Federation and Claims
  • Executing a Directory Traversal Attack
  • Acquiring Keystrokes Using a Hardware Keylogger
  • Mitigating Broken Access Control Attacks
  • Course Summary

OWASP Top 10: A6 - Security Misconfiguration

Course: 1 Hour, 8 Minutes

  • Course Overview
  • Security Misconfiguration Attacks
  • Application Containers
  • Managing Containers Using Docker
  • Creating and Populating a Container Registry
  • Deploying a Cloud-based HTTP Container
  • Hardening Security Settings Using Microsoft Group Policy
  • Configuring Azure Policy for Security Compliance
  • Managing Patches with Windows Server Update Services
  • Mitigating Security Misconfigurations
  • Course Summary

OWASP Top 10: A7 - Cross-site Scripting

Course: 36 Minutes

  • Course Overview
  • Java and JavaScript in Web Applications
  • Cross-site Scripting Attacks
  • Executing XSS through Web Page Forms
  • Compromising a Web Browser through XSS
  • Mitigating XSS Attacks
  • Course Summary

OWASP Top 10: A8 - Insecure Deserialization

Course: 21 Minutes

  • Course Overview
  • Object-oriented Programming
  • Insecure Deserialization Attacks
  • Mitigating Insecure Deserialization Attacks
  • Course Summary

OWASP Top 10: A9 - Using Components with Known Vulnerabilities

Course: 31 Minutes

  • Course Overview
  • Third-party APIs and Components
  • Buffer Overflows
  • Continuous Integration and Continuous Delivery Pipelines
  • Viewing Vulnerable Devices Using Shodan.io
  • Course Summary

OWASP Top 10: A10 - Insufficient Logging & Monitoring

Course: 1 Hour, 7 Minutes

  • Course Overview
  • Logging and Monitoring
  • SIEM and SOAR
  • Forwarding Log Entries Using syslog-ng
  • Enabling Cloud Web Application Performance Monitoring
  • Intrusion Detection and Prevention
  • Installing the Snort IDS
  • Testing Snort IDS Rules
  • Analyzing Suspicious Network Traffic Using Wireshark
  • Mitigating Monitoring Deficiencies
  • Course Summary

OWASP Top 10: Discovering & Exploiting Web App Vulnerabilities

Course: 1 Hour, 19 Minutes

  • Course Overview
  • Configuring the Metasploitable2 Web App Virtual Machine
  • Using nmap to Discover HTTP Hosts
  • Scanning a Web Application for Vulnerabilities
  • Executing a Denial of Service Attack against a Web App
  • Executing a Cross-site Scripting Attack against a Web App
  • Executing a Cross-site Request Forgery Attack against a Web App
  • Executing a SQL Injection Attack against a Web App
  • Executing a File Inclusion Attack against a Web App
  • Capturing Web App Keystrokes Using a Hardware Key Logger
  • Capturing HTTP Cleartext Credentials
  • Spoofing HTTP Traffic Using hping
  • Deploying a Cloud-based Web Application
  • Course Summary

Assessment: OWASP Top 10 Mitigations

Will test your knowledge and application of the topics presented throughout the Web App Vulnerability Analyst courses.

Practice Lab: OWASP Top 10 Mitigations (estimated duration: 8 hours)

In this lab, the focus will be on discovering and exploiting web app vulnerabilities as detailed in theOWASP Top 10.

The following exercises will be performed:

  • Perform vulnerability scanning using OWASP Zed Attack Proxy
  • Identify active network hosts and services using nmap
  • Use freely available tools to run a SQL injection attack against a web application
  • Use Wireshark to view plain text credential transmissions
  • Use the Hydra tool to crack web form user passwords
  • Hash files using Windows commands
  • Assemble fake TCP/IP packets using hping3
  • Execute a denial of service (DoS) attack against a web application
  • In this lab, you will have access to:
  • Windows Server 2019
  • Parrot OS
  • Bee-box
  • Wireshark
  • bWAPP
  • Hydra
  • Hping3
  • Slowloris
  • Windows PowerShell
Language English
Qualifications of the Instructor Certified
Course Format and Length Teaching videos with subtitles, interactive elements and assignments and tests
Lesson duration 12 Hours
Assesments The assessment tests your knowledge and application skills of the topics in the learning pathway. It is available 365 days after activation.
Online Virtuele labs Receive 12 months of access to virtual labs corresponding to traditional course configuration. Active for 365 days after activation, availability varies by Training
Online mentor You will have 24/7 access to an online mentor for all your specific technical questions on the study topic. The online mentor is available 365 days after activation, depending on the chosen Learning Kit.
Progress monitoring Yes
Access to Material 365 days
Technical Requirements Computer or mobile device, Stable internet connections Web browsersuch as Chrome, Firefox, Safari or Edge.
Support or Assistance Helpdesk and online knowledge base 24/7
Certification Certificate of participation in PDF format
Price and costs Course price at no extra cost
Cancellation policy and money-back guarantee We assess this on a case-by-case basis
Award Winning E-learning Yes
Tip! Provide a quiet learning environment, time and motivation, audio equipment such as headphones or speakers for audio, account information such as login details to access the e-learning platform.

There are no reviews written yet about this product.

Loading...

OEM Office Elearning Menu Genomineerd voor 'Beste Opleider van Nederland'

OEM Office Elearning Menu is trots genomineerd te zijn voor de titel 'Beste Opleider van Nederland' door Springest, een onderdeel van Archipel. Deze erkenning bevestigt onze kwaliteit en toewijding. Hartelijk dank aan al onze cursisten.

Reviews

There are no reviews written yet about this product.

25.000+

Deelnemers getrained

Springest: 9.1 - Edubookers 8.9

Gemiddeld cijfer

3500+

Aantal getrainde bedrijven

20+

Jaren ervaring

Even more knowledge

Read our most recent articles

View blog