Building Secure API's and Web Applications
Familiarity with the technical details of building web applications and web services from a software engineering point of view.
The major cause of webservice and web application insecurity is a lack of secure software development knowledge and practices. This highly intensive and interactive 1-day workshop provides essential application security training for web application and webservice developers.
This workshop is a combination of lecture, security testing demonstration and code review. Students will learn the most common threats against applications. More importantly, students will learn how to code secure web solutions via defense-based code samples.
Topic will include:
Introduction to Application Security OWASP Top Ten 2017 OWASP ASVS 4.0 HTTP Security Basics XSS Defense Intro to Angular.JS Security Intro to React.JS Security SQL and other Injection Cross Site Request Forgery Input Validation Basics Webservice Security