View the text version of Merit Network web site.
 Merit Network
Search | Text Version | Site Map | Log In   Follow:
Follow Merit Network on Twitter


About Merit   Services   Network   Support & Resources   Network Research   News   Events   Home
SANS Institute's Web Application Security Essentials - Merit Network, Inc.

SANS Institute's Web Application Security Essentials

Merit Network is pleased to host an interactive video presentation of the SANS Institute's Security 422 course, "Web Application Security Essentials." The workshop will be held Monday through Wednesday, January 12-14, 2009 at the MITC bulding in Ann Arbor from 9:00 a.m. to 5:00 p.m. each day. The workshop will be of value to anyone interested in securing Web applications against common threats.

In this innovative presentation, this SANS course will be delivered via interactive teleconference to several participating sites across the U.S, presented by a SANS instructor. A full course description appears below.

The registration fee for attendees from educational institutions and state and local governments is $995, a savings of over 60% compared to the standard price of $2,764 when delivered in a classroom setting. This is a unique opportunity to engage in very high-quality security training at a tremendous savings. In accordance with the SANS Institute's policies, the reduced price is available only to attendees from educational institutions and state and local governments. Others may attend for the retail price of $2,764.

Continental breakfast, snacks and beverages will be provided.

Registration

Registration has closed.

For more information, please contact

Details about the course

Web Application Security Essentials is a three-day hands-on, action-packed course covering strategies for defending Web applications against current and future attacks. This course will help you understand the fundamental reasons behind the Web vulnerabilities which will then enable you to properly defend your organization's Web assets. Mitigation strategies from an infrastructure, architecture, and coding perspective will be discussed alongside real-world implementations that really work. The key security problem areas of Web applications will be covered, as well as new technology areas such as AJAX and Web Services.

To maximize the benefit for a wider range of audiences, the discussions in this course will be programming language agnostic. Focus will be maintained on security strategies rather than coding level implementation.

Who Should Attend

This course is intended for anyone tasked with implementing secure Web applications. Web Application Security Essentials is particularly well suited to application security analysts, developers, application architects, pen testers who are interested in recommending proper mitigations to security issues, and infrastructure security professionals who have an interest in better defending their Web applications.

Sampling of Topics

  • Securing Web Application Infrastructures
  • Cryptography
  • Authentication
  • Access Control
  • Session Mechanism Protection
  • Web Application Logging
  • Input Issues and Proper Validation
  • SQL Injection Defense
  • Cross-Site Scripting Defense
  • Phishing Defense
  • HTTP Response Splitting and Defense
  • Cross-Site Request Forgery Defense
  • AJAX Security
  • Web Services Security

Laptop requirement

Students attending this course are required to bring their own laptops that are properly configured. There is not enough time in class to help you install your laptop; your laptop must be properly installed and configured before you come to class. Requirements are given at:
Laptop Setup Requirements

About the instructor

Tanya Baccam is a SANS senior instructor and SANS courseware author. She provides security consulting services including system audits, vulnerability and risk assessments, database assessments, web application assessments and penetration testing. Tanya has previously worked as the director of assurance services for a security services consulting firm, and as manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the security services practice. She has played an integral role in developing multiple business applications and currently holds the CPA, GCFW, GCIH, CISSP, CISM, CISA, CCNA, CCSE, CCSA and Oracle DBA certifications.

About SANS

The SANS Institute is the most trusted and by far the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center. SANS also sponsored the creation of GIAC a leading industry security certification. The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.


More Merit Events.



Home » Events » Merit Events Archive » Special Events Archive
Print this.
Print This
Send This.
Send This


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Widget | Merit Network Home


Copyright © 2012 Merit Network, Inc.
1000 Oakbrook Drive, Suite 200, Ann Arbor, Michigan 48104-6794
Phone: (734) 527-5700    Fax: (734) 527-5790    E-mail: