Web Application Security Fundamentals Eğitimi

Ön Kayıt ve Fiyat Bilgi Formu

Tarih ve lokasyonlar

Bu eğitimi özel sınıf olarak kendi kurumunuzda talep edebilirsiniz.
Lütfen bizimle iletişime geçin:


+90 212 282 7700

Talep Formu
Eğitim Tipi ve Süresi

Eğitim Sağlayıcı ve Kategori

IBM  » Security Eğitimler
IBM  » IBM Security Systems Eğitimler
Cybersecurity  » IBM Eğitimler

Web Application Security Fundamentals (TK330G)

IBM Course Code: TK330G

This course focuses on common web security attack vectors, how attackers exploit them, and how to prevent the exploits. It also introduces the Open Web Application Security Project (OWASP) as an industry standard security resource. Students learn through hands-on labs how to exploit web security vulnerabilities.

Access Your Class Recording for Six Months

Enjoy six months of access to a fully indexed and searchable recording of your class when you choose our Virtual Classroom Live learning experience.

What You'll Learn

  • Discuss common web application security issues and the organizations and testing techniques that can help prevent them
  • Describe basic web application components
  • Discuss the OWASP web application security attack classifications:
    • Injection
    • Broken authentication and session management
    • Cross-site scripting
    • Insecure direct object references
    • Security misconfiguration
    • Sensitive data exposure
    • Missing function level access control
    • Cross-site request forgery
    • Using components with known vulnerabilities
    • Unvalidated redirects and forwards
  • Use vulnerability testing and threat modeling to implement web application security throughout the software development life cycle

Who Needs to Attend

This basic course is for web developers, quality assurance specialists, security auditors, and users who are new to IBM Security AppScan products.


Before taking this course, make sure that you have the following skills:

  • Basic knowledge of internet technologies such as HTTP and TCP/IP
  • Basic knowledge of web application technologies such as SQL and operating systems

Follow-On Courses

There are no follow-ons for this course.

Course Outline

  • Unit 1: Introduction to web application security problems
  • Unit 2: Web application security basics
  • Unit 3: Injection flaws
  • Unit 4: Broken authentication and session management
  • Unit 5: Cross-site scripting
  • Unit 6: Insecure direct object references
  • Unit 7: Security misconfiguration
  • Unit 8: Sensitive data exposure
  • Unit 9: Missing function-level access control
  • Unit 10: Cross-site request forgery
  • Unit 11: Using components with known vulnerabilities
  • Unit 12: Unvalidated redirects and forwards
  • Unit 13: Integrating security into the software development lifecycle

Eğitim içeriğini PDF olarak indir