Training Topics
Workshops take one or more days - usually two or three. They consist of introductory lectures and extensive practical parts. The contents are adapted to individual wishes.
Here is an excerpt from the topics of trainings that we have already held for customers.
- Brief: HTTP basics and attack surface
- Web Application Attacks (Information Leakage, XSS, CSRF, SQL Injection, Code Injection, Code Inclusion, HTTP Header Injection, Unserialize, Logical Errors, Clickjacking)
- Session Management
- Access Controls
- Cryptographic functions and random numbers
- Error handling and logging
- Hardening of configuration and server environment
- Security throughout the development process: Thread Modeling and SDL
- Security testing basics and tools for secure programming
All lectures and trainings can also be held in English and German.