Live Online | 20th Feb 2018, Tuesday | 4 hrs., 6 PM ET | Completion Cert. | Session Recording
Hack2Secure’s Live Online program on OWASP Top 10 (2017): Web Application Security Risks provides a practical
walk-through of some of the common and critical Web Application security concerns faced by organizations and guides
professionals through the consequences and the techniques to protect against these flaws.
Program Scope
Introduction
  About OWASP
  OWASP Top10 2017 Web Security Risks
  OWASP Risk Rating Methodology
A1:2017 - Injection
  About Injection Risk
    o SQL Injection: About, Root Cause
    o Command Injection: About, Root Cause
    o Demonstration of possible Risk Scenario
  Defensive Best Practices
A2:2017 - Broken Authentication
  Authentication: About, Schemes, Types
  Web Sessions: About, Use Cases
  Broken Authentication
    o About Risk
    o Demonstration of possible Risk Scenario
  Defensive Best Practices
A3:2017 - Sensitive Data Exposure
  About Risk
  Demonstration of possible Risk Scenario
  Defensive Best Practices
A4:2017 – XML External Entities (XXE)
  About XML External Entities & Associated Risk
  Demonstration of possible Risk Scenario
  Defensive Best Practices
A5:2017 – Broken Access Control
  Authorization: About, Access Control
  Broken Access Control
    o About Risk
    o Demonstration of possible Risk Scenario
  Defensive Best Practices
A6:2017 – Security Misconfiguration
  About Risk
  Demonstration of possible Risk Scenario
  Defensive Best Practices
A7:2017 - Cross Site Scripting (XSS)
  XSS Risk
    o About, Root Cause, Types
    o Demonstration of possible Risk Scenario
  Defensive Best Practices
A8:2017 – Insecure Deserialization
  About De-Serialization & Associated Risk
  Defensive Best Practices
A9:2017 - Using Components with Known Vulnerabilities
  About Risk
  Defensive Best Practices
A10:2017 – Insufficient Logging-Monitoring
  Accountability: About, Associated Risk
  Logging Best Practices
Globally Available | Proctored | 180 mins. | 90 MCQ | Passing Grade: 60% | Exam Language: English
The Web Application Security Defender (WASD) Certificate program evaluates an individual's implementation-level skills
required for Web Application Security Assessment. It ensures the candidate's awareness of Application Security
Challenges, Risk, Tools, Techniques & methodologies along with hands-on practical-level knowledge & skill-sets.
For more details, www.hack2secure.com/wasd
Globally Available | Proctored | 150 mins. | 90 MCQ | Passing Grade: 60% | Exam Language: English
The Secure Web Application Development Lifecycle Practitioner (SWADLP) Certificate program evaluates an individual's
implementation-level skills in the Security practices required to ensure Secure Application Development. This
program ensures the candidate's awareness of Application Security Challenges, Threats, Standards, Best Practices
and assurance methodologies along with hands-on implementation-level knowledge and skill-sets.
For more details, www.hack2secure.com/swadlp
www.hack2secure.com | certificate@hack2secure.com
About Hack2Secure
Hack2Secure excels in the “Information Security” domain and offers
customised IT Security programs, including Training, Services and
Solutions. Our programs are designed by industry experts and
tailored to specific needs. We help students, professionals
and companies with the knowledge, tools and guidance required to
be at the forefront of a vital and rapidly changing IT industry.
InfoSec Training
Vendor Independent, Customizable, Across Domains
Hack2Secure excels in delivering intensive, immersive security
training sessions designed to teach the practical steps necessary
for defending systems against dangerous security threats.
Our wide range of fully customizable training courses allows
individuals to master different aspects of Information Security as
per their industry requirements and convenience.
Delivered Training to more than 15k+ Professionals Globally
Vendor Independent programs aligned with Industry Security Practices and Requirements
InfoSec Certification
Globally delivered and Proctored Security Certification programs with PearsonVUE
Vendor Independent Programs based on Industry Security Standards and Practices
www.hack2secure.com | info@hack2secure.com