Securing Web Applications, Services and Servers

Securing Web Applications, Services and Servers workshop exposes participants to skills, industry best practices and technology for mitigating and eliminating either internal or external security threats within their business’ private and/or public cloud infrastructure

CONTENT

Network Security and Firewalls

• Establishing Security Fundamentals
• Significance of network security, and identify various elements of an effective security policy, including risk factors, security-related organizations, key resources to secure, general security threat types, access control

• Encryption and the encryption methods used in internetworking
• Guidelines and principles of effective network security to create effective specific solutions
• Apply security principles and identify security attacks
• Identify firewall types and define common firewall terminology
• Plan a firewall system that incorporates multiple levels of protection, including firewall system design, proactive detection, setting traps, security breach response, security alerting organizations

Securing Web and Network Services

• Modeling web security
• Configure a web server to encrypt web traffic with HTTPS
• Configuring security for HTTP services
• Securing XML Web Services
• Securing communication with SSL/TLS
• Securing database - application interaction

Security Testing of Web Applications and Services

• Testing security of web applications on organization’s network

• Identify, diagnose and correct the serious web application vulnerabilities
• Creating a trust boundary with proper input validation
• Avoiding cross-site scripting vulnerabilities
• Implementing URL access restrictions

Implementing Data Protection

• Encrypting and hashing
• Hardening
• Augmenting web server security
• Detecting and mitigating unauthorized file-system modification
• Detecting and mitigating unauthorized modification of content

Using Security Best Practices

• Implementing Web Application Security
• Employing OWASP resources

FOR WHOM: CIOs, IT Development Managers, Heads of Department, System Administrators/Engineers, IT Professionals and others who want to sharpen their knowledge in IT world.

TRAINING METHODOLOGY

The training methodology combines lectures, discussions, group exercises and illustrations. Participants will gain both theoretical and practical knowledge of the topics. The emphasis is on the practical application of the topics and as a result participant will go back to the workplace with both the ability and the confidence to apply the techniques learned to their duties.

1ST BATCH: 28th - 31st January, 2020        

2ND BATCH: 21st –24th July, 2020