|
|
|
|
SANS Institute's Introduction to Web Application Security
Merit Network is pleased to host an interactive video presentation of
the
SANS Institute's
Developer 319 course, "Web Application Security
Essentials." The workshop will be held June 29-30, 2009 at the
MITC
bulding in Ann Arbor from 9:00 a.m. to 5:00 p.m. each day. The workshop will be of value to anyone interested in securing Web applications against common threats.
In this innovative presentation, this SANS course will be delivered via interactive teleconference to several participating sites across the U.S, presented by a SANS instructor. A full course description appears
below.
The registration fee for attendees from educational institutions and
state and local governments is $750, a savings of over 55% compared to the standard price of $1,700 when delivered in a classroom setting. This is a unique opportunity to engage in very high-quality security training at a tremendous savings. In accordance with the SANS Institute's policies, the reduced price is available only to attendees from educational institutions and state and local governments. Others may attend for the retail price of $1,700.
Continental breakfast, snacks and beverages will be provided.
RegistrationRegistration is now available:
Register for the SANS 319 course
For more information, please contact
Details about the course
From a mere 26 Web servers operating in November 1992 growing to well over 100 million Web sites today, we have come a long way in Web technology over a short period of time. Today, almost every organization has its own Web site for conducting business transactions or other critical functions. And for many companies, their online presence has become a major revenue generator. As everyone jumps on the bandwagon to do business on the Web, many problems can arise which are directly related to the security aspects of Web applications. The adage "where there is money, there is crime" has become true on a daily basis as we see credit cards and other financial data compromised through Web application vulnerabilities. And that is not even the full extent of the problem because Web-based malware and worms are still spreading in the wild.
"Intro to Web Application Security" is a two-day, hands-on, action-packed course covering the common vulnerabilities that are leveraged by attackers, the basic principles of securing Web applications, and basic testing techniques for detecting the vulnerabilities. This course will help you understand the mechanics of the components necessary for effective Web application security which will then enable you to properly defend your organization's assets. With the information you learn in this class, you will be able to perform basic security testing on Web applications as well as architect, design, and develop more secure Web applications.
Who Should Attend- Security practitioners and managers
- Auditors
- QA analysts who want to learn the mechanics of Web applications for better testing
- IT infrastructure professionals who want a basic understanding of Web technologies and security issues
- Anyone interested in techniques for securing Web applications
Sampling of Topics- Securing Web Application Architectures and Infrastructures
- Cryptography
- Authentication
- Access Control
- Session Mechanism
- Web Application Logging
- Input Issues and Validation
- SQL Injection
- Cross-Site Scripting
- Phishing
- HTTP Response Splitting
- Cross-Site Request Forgery
Laptop requirement
Students attending this course are required to bring their own laptops that are properly configured. There is not enough time in class to help you install your laptop; your laptop must be properly installed and configured before you come to class. Requirements are given at:
Laptop Setup Requirements
About the instructorTanya Baccam is a SANS senior instructor and SANS courseware author. She provides security consulting services including system audits, vulnerability and risk assessments, database assessments, web application assessments and penetration testing. Tanya has previously worked as the director of assurance services for a security services consulting firm, and as manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the security services practice. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, CCSE, CCSA and Oracle DBA certifications.
About SANSThe SANS Institute is the most trusted and by far the largest source for
information security training and certification in the world. It also
develops, maintains, and makes available at no cost, the largest
collection of research documents about various aspects of information
security, and it operates the Internet's early warning system - Internet
Storm Center. SANS also sponsored the creation of GIAC a leading
industry security certification. The SANS (SysAdmin, Audit, Network,
Security) Institute was established in 1989 as a cooperative research
and education organization. Its programs now reach more than 165,000
security professionals around the world. A range of individuals from
auditors and network administrators, to chief information security
officers are sharing the lessons they learn and are jointly finding
solutions to the challenges they face. At the heart of SANS are the many
security practitioners in varied global organizations from corporations
to universities working together to help the entire information security
community.
More Merit Events.
|
|
|
|
