Blog November 29, 2021

The Websec Secure Web Application Development (SWAD) Training Course

An introduction to Websec's Secure Web Application Development training course, covering the curriculum, target audience, and how the interactive lectures and quizzes help engineering teams ship more secure code.


Introduction

 

Today we'll be introducing Websec's Secure Web Application Development (SWAD) training course. What is the SWAD training course? What does it cover? How can the SWAD training course benefit my organization? How flexible is the training? We'll be answering all of these questions and more, so read on!

 

What is the SWAD Training Course?

 

Websec's SWAD training course is a series of interactive lectures which aim to educate developers on a plethora of different secure development topics, including integrating security during software development, identifying the most important aspects of secure app development, and investigating the most common categories of web application vulnerabilities and how to protect against them.
The target audience of the course includes IT professionals, web and software developers, network engineers, systems architects, administrators and information security enthusiasts.
Participants will attend the lectures, learn about different aspects of secure development, take part in interactive activities, and take quizzes and fill out polls at the end of each course section to reinforce the concepts learned.

 

 

What's Included in the SWAD Training Course?

 

The SWAD training course consists of the following four major components:



Section 1 - Importance of Secure Coding Practices

 

Importance of Secure Coding Practices covers a brief outline of internet security history, the impact of cybercrime on businesses, and a look at famous security incidents over the years.


Section 2 - Security During the SDLC

 

The Security During the SDLC section explains how aspects of security can be introduced and integrated into each stage of the Software Development Lifecycle. It also introduces the concept of threat modeling: the process of identifying and addressing potential threats that face a particular system or application.


Section 3 - Secure Coding Principles

 

In Secure Coding Principles, the 7 fundamental aspects of secure development are introduced and discussed. Furthermore, code snippets from popular development languages that illustrate vulnerabilities in different categories will be presented for the audience members to analyze and discuss. The secure coding principle topics include:


1. Input handling
2. Access control
3. Authentication
4. Session management
5. Securing sensitive data
6. Error handling and logging
7. Secure communication channels


Section 4 - OWASP Top 10 Web App Vulnerabilities List

 

In the OWASP Top 10 section, a list of issues identified by the widely respected Open Web Application Security Project (OWASP) cybersecurity community is introduced and explained. Furthermore, demonstrations will be provided on how web apps with these issues can be exploited. According to the most current version of the list, the following vulnerabilities will be addressed:


1. Broken Access Control
2. Cryptographic Failures
3. Injection
4. Insecure Design
5. Security Misconfiguration
6. Vulnerable and Outdated Components
7. Identification and Authentication Failures
8. Software and Data Integrity Failures
9. Security Logging and Monitoring Failures
10. Server Side Request Forgery

 

How Can The SWAD Training Course Benefit My Organization?

 

The SWAD training course provides a compact presentation that introduces core concepts of secure development and explains those concepts in an easy-to-understand way, and includes interactive examples and exercises to better reinforce comprehension.

It is said that no programmer can securely code “the right way” unless they've been shown what “the right way” is. After taking the SWAD training course, your development team will have a much better understanding of what “the right way” is.

 

How Flexible is the Training?

 

The current format of the course consists of two sessions with a session length of 3 hours each. These sessions can take place on the same day or over the course of two different days, depending on your organization's needs. 

 


 

Websec Can Help

 

Are you ready to bring your development staff's secure coding skills to the next level? Do you want to feel confident about the security of the applications your developers produce? Websec's Secure Web Application Development training course may be just the answer your organization needs to harden your applications against cybersecurity threats.

 
