UK flag UK
+44 (0) 207 874 5000
+44 (0) 207 874 5000
  • Home
  • Courses
  • Securing Web Applications, Services, and Servers Training

Securing Web Applications, Services, and Servers Training

Course 940

  • Duration: 4 days
  • Labs: Yes
  • Language: English
  • Level: Intermediate

This Full Stack Cybersecurity Training for Web Apps and Services course provides in-depth, hands-on experience securing Web-based applications and their servers. You will gain in-depth experience securing web services and learn how to integrate robust security measures into the web application development process by adopting proven architectures and best practices.

This web service security course includes the OWASP top 10 most critical web application security risks and how to remediate them.

Securing Web Applications, Services and Servers Training Delivery Methods

  • In-Person

  • Online

Securing Web Applications, Services and Servers Training Course Information

In this training, you will learn about the following:

  • Implement and test secure web applications in your organisation
  • Identify, diagnose, and remediate the OWASP top ten web application security risks
  • Configure a web server to encrypt web traffic with HTTPS
  • Protect Ajax-powered applications and prevent JSON data theft
  • Secure XML web services with WS-Security

Prerequisites

Basic knowledge of Web application operation and Web server administration is assumed. For example, you should understand Web browser/server operation, session management and basic HTML. In addition, experience with server-side Web application development and security knowledge is helpful.

Securing Web Applications, Services and Servers Training Outline

  • Defining threats to your web assets
  • Surveying the legal landscape and privacy issues

Modelling web security

  • Achieving Confidentiality, Integrity and Availability (CIA)
  • Performing authentication and authorisation

Encrypting and hashing

  • Distinguishing public– and private–key cryptography
  • Verifying message integrity

Configuring security for HTTP services

  • Managing software updates
  • Restricting HTTP methods

Securing communication with SSL/TLS

  • Obtaining and installing server certificates
  • Enabling HTTPS on the web server

Detecting unauthorised modification of content

  • Configuring permissions correctly
  • Scanning for file–system changes

Employing OWASP resources

  • The Open Web Application Security Project (OWASP) top ten
  • Remediating identified vulnerabilities

Securing database and application interaction

  • Uncovering and preventing SQL injection
  • Defending against an insecure direct object reference

Managing session authentication

  • Protecting against session ID hijacking
  • Blocking cross-site request forgery

Controlling information leakage

  • Displaying sanitised error messages to the user
  • Handling requests and page faults

Performing input validation

  • Establishing trust boundaries
  • Removing the threat of Cross-Site Scripting (XSS)
  • Exposing the dangers of client-side validation
  • Implementing robust server-side input validation with regular expressions

Ajax features

  • Identifying core Ajax components
  • Exchanging information asynchronously

Assessing risks and evaluating threats

  • Managing unpredictable interactions
  • Exposing Ajax vulnerabilities

Diagnosing XML vulnerabilities

  • Identifying nonterminated tags and field overflows
  • Uncovering web service weaknesses

Protecting the SOAP message exchange

  • Validating input with an XML schema
  • Encrypting exchanges with HTTPS
  • Implementing WS–Security with a framework

Operating and configuring scanners

  • Matching patterns to identify faults
  • "Fuzzing" to discover new or unknown vulnerabilities

Detecting application flaws

  • Scanning applications remotely
  • Finding vulnerabilities in web applications with OWASP and third-party penetration testing tools

Adopting standards

  • Reducing risk by implementing proven architectures
  • Handling personal and financial data

Managing network security

  • Modelling threats to reduce risk
  • Integrating applications with your network architecture
Get This Course £2,515 For Team Prices Call: 44 (0) 207 874 5000
  • 4-day instructor-led training course
  • After-course computing sandbox
  • One-on-one after-course instructor coaching

  • Learning Tree end-of-course exam included

Get the Advantage £3,150
  • Take this course and gain unlimited access to more than 300 virtual instructor-led courses
  • Future-proof your career with more than 100 sought-after certifications in the market
  • Build real skills through hands-on learning in more than 180 virtual labs
  • Grow your skills and capabilities with more than one course at a time and save
Thank you for choosing subscriptions!
#940
  • Aug 5 - 8 2:00 PM - 9:30 PM BST
    Ottawa or Virtual
  • Sep 2 - 5 2:00 PM - 9:30 PM BST
    Herndon, VA or Virtual
  • Sep 9 - 12 9:00 AM - 4:30 PM BST
    London or Virtual
  • Oct 28 - 31 1:00 PM - 8:30 PM GMT
    Herndon, VA or Virtual
  • Nov 25 - 28 9:00 AM - 4:30 PM GMT
    London or Virtual
  • Jan 6 - 9 2:00 PM - 9:30 PM GMT
    Herndon, VA or Virtual
  • Mar 3 - 6 9:00 AM - 4:30 PM GMT
    London or Virtual
  • Mar 10 - 13 1:00 PM - 8:30 PM GMT
    Herndon, VA or Virtual
  • Jun 2 - 5 9:00 AM - 4:30 PM BST
    London or Virtual

Scroll to view additional course dates

  • Bring this or any training to your organisation

  • Full-scale programme development

  • Delivered when, where, and how you want it
  • Blended learning models
  • Tailored content
  • Expert team coaching

Get the Advantage £3,150
  • Take this course and gain unlimited access to more than 300 virtual instructor-led courses
  • Future-proof your career with more than 100 sought-after certifications in the market
  • Build real skills through hands-on learning in more than 180 virtual labs
  • Grow your skills and capabilities with more than one course at a time and save
Thank you for choosing subscriptions!
#940
Questions about this course?
* Required Fields
Customise Your Team Training Experience

Fill out the form below or call 44 (0) 207 874 5000

* Required Fields
Preferred method of contact:

Need Help Finding The Right Training Solution?

Our training advisors are here for you.

Contact Us

Securing Web Servers Course FAQs

Applies security to web services. It is an extension to SOAP and a member of the web service specifications.

Yes! We know your busy work schedule may prevent you from getting to one of our classrooms which is why we offer convenient online training to meet your needs wherever you want. This course is available in class and live online.

Related Courses

  • Learning Tree
    Introduction to Cybersecurity

    The Information Security Training provides the knowledge and skills to analyze and assess network risks, then select & deploy appropriate countermeasures.

    Foundation
    3 days
    Online or In-class
    Starts from £2,515