Application developers, security analysts, architects, managers, or auditors

Any security professionals interested in learning more about how web application security is key to vulnerability management

Part 3: Broken Authentication/Authorization

Tuesday, June 5, 2018 at 10:00am PT





Brute Force



Insufficient Authorization



Insufficient Authentication



Insufficient Session Expiration



Session Prediction



Cross-Site Request Forgery



Insufficient Process Validation

This new Crash Course webinar training series will focus on defending against the most common and critical web application vulnerabilities by teaching you how to think like a hacker. The series will give you a better understanding of how to identify threats and implement defensive tactics you can use to secure your apps against exploitation.Throughout the course, you will learn using real-world examples taught by an Application Security Engineer who ran the WhiteHat Academy for our Threat Research Center for over three years.: Introduction to web application security concepts such as testing methodologies, threat modeling, the reconnaissance phase of testing, and some of the most common vulnerabilities that lead to sensitive data exposure, such as: Information Leakage, Fingerprinting, Directory Indexing, and Server/Application Misconfiguration: Introduction to some of the most critical injection-based vulnerabilities as described in the OWASP top 10 and walkthroughs of how these attacks play out in conjunction with social engineering. Vulnerabilities covered: Improper Input Handling, SQL and XML Injection, Cross Site Scripting, Content Spoofing, and URL Redirector Abuse: Introduction to how hackers can circumvent access controls and application logic to gain access to sensitive content and functionality. Vulnerabilities covered: Brute Force, Insufficient Authorization/Authentication, Insufficient Session Expiration, Session Prediction, Cross Site Request Forgery, and Insufficient Process ValidationRegister for a single course or the entire webinar series. Each webinar is two hours long. Attendees will receive a Certification of Completion for CPE credits after each session.