OWASP Top 10

SKU: owasp-top-10.

Cost

$397.00

Continuing Education Credits

16 Hours

Duration

2 Days

Formats Available

Live In-Person

Live Online

Job Target

Software developers, testers, and architects who design and develop software in various programming languages and platforms including desktop, web, mobile, and cloud, and who want to improve their ability to deliver secure software.

Includes

14 Modules with 2 hours 40 minutes of instruction
13 Assessment Tests
Instructor-Led Demonstrations of exploitations against vulnerabilities
14 Student Labs
Downloadable Materials and Virtual Machines
Certificate of Completion
16 CEUs
90 Days Access

Download the Brochure

Description

The OWASP Top 10 Training course covers vulnerabilities, attacks, and mitigations for the 2017 Open Web Application Security Project. The course consists of theory, instructor-led demonstrations of exploitations, and hands-on labs. The objective of the training is to hone the student’s ability to recognize security vulnerabilities when conducting their own assessments, building applications, or developing security programs.

Module 1: OWASP Top 10 Overview

About OWASP
What is the OWASP Top 10?
OWASP Terms

Module 1 Assessment

Module 2: Application Security Risks

Application Risks
OWASP Risk Rating Methodology

Module 2 Assessment

Module 3: Lab Setup

Software Considerations
Networking
Lab Setup Demonstration

Module 3 Assessment

Module 4: A1 – Injection

Injection Overview
Injection Prevention
Injection Exploitation Demonstration
Student Lab

Module 4 Assessment

Module 5: A2 – Broken Authentication

Broken Authentication Overview
Broken Authentication Prevention
Broken Authentication Exploitation Demonstration
Student Lab

Module 5 Assessment

Module 6: A3 – Sensitive Data Exposure

Sensitive Data Exposure Overview
Sensitive Data Exposure Prevention
Sensitive Data Exposure Demonstration
Student Lab

Module 6 Assessment

Module 7: A4 – XML External Entity Injection

XML External Entity Injection Overview
XML External Entity Injection Prevention
XML External Entity Injection Demonstration
Student Lab

Module 7 Assessment

Module 8: A5 – Broken Access Control

Broken Access Control Overview
Broken Access Control Prevention
Broken Access Control Exploitation Demonstration
Student Lab

Module 8 Assessment

Module 9: A6 – Security Misconfiguration

Security Misconfiguration Overview
Security Misconfiguration Prevention
Security Misconfiguration Exploitation Demonstration
Student Lab

Module 9 Assessment

Module 10: A7 – Cross-Site Scripting

Cross-Site Scripting Overview
Cross-Site Scripting Prevention
Cross-Site Scripting Exploitation Demonstration
Student Lab

Module 10 Assessment

Module 11: A8 – Insecure Deserialization

Insecure Deserialization Overview
Insecure Deserialization Prevention
Insecure Deserialization Exploitation Demonstration
Student Lab

Module 11 Assessment

Module 12: A9 – Using Components with Known Vulnerabilities

Using Components with Known Vulnerabilities Overview
Using Components with Known Vulnerabilities Prevention
Using Components with Known Vulnerabilities Exploitation Demonstration
Student Lab

Module 12 Assessment

Module 13: A10 – Insufficient Logging & Monitoring

Insufficient Logging & Monitoring Overview
Insufficient Logging & Monitoring Prevention
Insufficient Logging & Monitoring Exploitation Demonstration
Student Lab

Module 13 Assessment

Module 14: Course Summary

Appendix: Additional Labs

Practical Exercises Walkthrough

OWASP Top 10

OWASP Top 10

Cost

Continuing Education Credits

Duration

Formats Available

Job Target

Includes

Description

OBJECTIVES

PREREQUISITES

EXAM DETAILS

SYLLABUS

Module 1: OWASP Top 10 Overview

Module 2: Application Security Risks

Module 3: Lab Setup

Module 4: A1 – Injection

Module 5: A2 – Broken Authentication

Module 6: A3 – Sensitive Data Exposure

Module 7: A4 – XML External Entity Injection

Module 8: A5 – Broken Access Control

Module 9: A6 – Security Misconfiguration

Module 10: A7 – Cross-Site Scripting

Module 11: A8 – Insecure Deserialization

Module 12: A9 – Using Components with Known Vulnerabilities

Module 13: A10 – Insufficient Logging & Monitoring

Module 14: Course Summary

Appendix: Additional Labs

© 2021 · Alpine Security, a Cerberus Sentinel Company