|
Training the competition since 1998 |
Although Maven Security Consulting started as a business in 2001, one of its founders was developing and delivering original web app security training as early as 1998. This was long before there were top ten lists, huge professional security conferences, and web application security mailing lists.
|
|
|
Training Services
At Maven Security we believe that it is vitally important to integrate security into the total software development life cycle. That's why we provide training that is valuable to all stakeholders in your organization, from the programmers, to security staff, to project managers.
We've given training at large conferences, large businesses, small businesses, and everywhere inbetween. If you think that you need better security understanding in your organization, contact us to find out how we can help you. | |
|
|
Class examples
|
Hands-On Remote Testing for Common Web Application Security Threats |
|
Course Objectives:
-
Understand the security threats facing web applications.
-
Learn the tools and techniques to remotely validate a web application's security.
-
Enhance secure programming practices by raising awareness and giving programmers the tools needed to audit their code from the user's perspective.
Course Topics:
-
Web Protocols Primer
-
Web protocols & standards (HTML, HTTP)
-
Session tracking and state mechanisms
-
HTTP authentication mechanisms
-
Tools for interception, manipulation, and analysis of web traffic
Common Web Application Security Threats:
-
-
Classes of Attack; definitions and examples (including authentication, authorization, client-side attacks, command execution, information disclosure, and logic attacks)
-
The most popular forms of attack will be covered in the labs, such as Cross-site Scripting (XSS) and SQL Injection
-
Remote tools and testing techniques for locating these vulnerabilities
-
Cross references to the OWASP Top Ten will be given. | | | |
|
