Information Systems & Web Application Security Training

This instructor-led, live training (online or onsite) is aimed at engineers who wish to learn the methods and tools needed to protect their organization's information systems and web applications against attack.

Participants attending this course will

• Understand information security at both the computer level and communications level.
• Prevent physical and digital access to private information systems.
• Prevent the modification of information that is in storage, being processed, or being transmitted.
• Protect against denial of service attacks.
• Take the necessary measures to detect, document, and counter security threats.
• Ensure that organizational information is kept confidential.
• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn client-side vulnerabilities and secure coding practices
• Have a practical understanding of cryptography
• Understand security concepts of Web services
• Get practical knowledge in using security testing tools
• Get sources and further readings on secure coding practices

Information Security

• Introduction
• Overview of Information Systems Security
• Physical and Environmental Security
• Information Security and Risk Management
• Access Control Systems
• Cryptography
• Security Architecture and Design
• Business Continuity and Disaster Recovery Planning
• Telecommunications and Network Security
• Application Security
• Operations Security
• Legal, Regulations, Compliance and Investigations
• Troubleshooting
• Summary and Conclusion

Web Application Security

• IT security and secure coding
• Web application security
• Client-side security
• Client-side security
• Practical cryptography
• Security of Web services
• XML security
• Knowledge sources