Web Application Security for Developers

Kesto: 2 pv , Opetuskieli: englanti, Materiaalikieli: englanti, Materiaali: pdf
Web Application Security for Developers
1.00 Kpl
Web Application Security for Developers (2 pv), 09.11.2021
950 €
+ alv.. 24%.
Oppiasopimushinta: 625,00€


About the course

Web Application Security provides a look in to the world of cyber attackers and penetration testers. In the training developers learn how an attacker sees a web application and its background services. The training covers tools and methods used by penetration testers, giving the attendee a hands-on understanding on how security vulnerabilities are discovered, exploited and avoided.

Some of the topics covered:

  • How an attacker sees a web application and its background services
  • Common vulnerability types (OWASP Top 10 + more) - How to find, exploit and avoid them
  • Hands-on introduction to security testing tools
  • Security & third party components
  • Advanced exploits & vulnerabilities in modern technologies
  • Demos and hands-on exercises!

Course requirements

The training will be held remotely over Zoom. Basic knowledge of programming and an understanding of web application architectures is required. During the training we will do hands-on exercises using the Amazon WorkSpaces cloud desktop service. To do the hands-on exercises during the training, you must install the Amazon WorkSpaces client (link: https://clients.amazonworkspaces.com/). Additional instructions will be sent to attendees prior to the training date.

Tools & presentation material

All training presentation material will be provided to attendees after the training has been held. The tools used in the course are free to use, and the attendee can download and install the tools to their own machine after the course.

About Silverskin

The instructor for the course is a professional penetration tester and security analyst from Silverskin Information Security Oy. Silverskin is a Cyber Attack Company specialized in understanding the attacker's perspective on cyber security. As a trusted cyber security partner, we help our customers to detect and mitigate business criticial security risks, assess the effectiveness of security controls and build resilience. More information about Silverskin can be found at our website (link: https://www.silverskin.com).

What others say

Here's a few comments we have received from attendees:

"It really felt that there were lot of things that are helpful for me as a developer. Those real life examples really helped to better understand different vulnerabilities and how they can be exploited."

"Very nice training! The trainer was clearly a professional and conveyed the topics clearly and understandably. Hands-on parts were interesting and provided concrete insights."

"I really enjoyed this training! One of the best I've done!"

"Thanks for the course! The hands-on approach was good for the "gut feeling" of what cyber security vulnerabilities can be causing."

"A well balanced course, containing adequately hands-on exercises. Bonus for using mainly OSS tools that are available after the course!"

In total, hundreds of developers and development team members have attended the course, and have given it an average rating of 4.4 / 5.

Testimonial - Reaktor

"Silverskin’s security trainings are well-structured and pragmatic. The trainings have helped us in building our security awareness and competence. I can recommend the training for everyone who wants to understand how cyber attacks are conducted and how to defend against them."
- Miso Korkiakoski, Head of Security, Reaktor

Reaktor is a strategy, design, and engineering company based in New York, Helsinki, Amsterdam and Tokyo.


Päivämäärä Aloitusaika Lopetusaika Huom!

Day 1: Basics of Web Application Security

Morning (9:00 - 11:30)

  • Cyber Security Fundamentals
  • Phases of Cyber Espionage
  • Cyber Attack Methodologies: Scanning
  • Cyber Attack Methodologies: Fuzzing
  • Security Flaw Categories
  • Hacking Web Applications

Lunch break (11:30 - 12:30)

Afternoon (12:30 - 16:00)

  • Common Vulnerability Types (OWASP Top 10 + more): How to find, exploit and avoid them
  • Hands-on Exercises
  • Vulnerabilities in Modern Technologies
  • Wrap-up

Day 2: Advanced Web Application Security

Morning (9:00 - 11:30)

  • Day 1 Recap
  • Security Layers
  • Advanced Exploits and Vulnerabilities in Modern Technologies

Lunch break (11:30 - 12:30)

Afternoon (12:30 - 16:00)

  • Hands-on Exercises
  • Open Source & Working with 3rd Party Components
  • Resources for Developers
  • Wrap-up

All times are in Helsinki time. This is a projected agenda for the course and is subject to changes depending on attendee progression and requests.


If you can not participate this course, you can send someone else instead of you. If cancellation is done less than 14 days before the course start, we will charge 50% of the price. In case of no show without any cancellation, we will charge the whole price. Cancellation fee will also be charged in case of illness. The attendee is responsible of setting up and configuring the required software used during the course. The course organizer does not take responsibility of possible technical issues.

Oma koulutus tai tapahtuma Oppia.fi:hin?

Ota yhteyttä!