ISACA Scotland - Spring 2009 Training Event
ISACA Hands-on: Remote Testing for Common Web Application...

ISACA Hands-on: Remote Testing for Common Web Application Security Threats

Thursday, March 19, 2009 from 8:30 AM - 5:00 PM (GMT)

City of Edinburgh, United Kingdom

This event has ended!
View current events hosted by


Ticket Information
Ticket Type Remaining Sales End     Quantity
SOLD OUT! - Standby List   more info 7 tickets Ended Free   N/A
Event Details

ISACA Scotland are delighted to announce their Spring 2009 training event in Edinburgh on March 19th 2009.

Speaker: David Rhoades, Maven Security Consulting, Inc www.MavenSecurity.com. David is a regular presenter and speaker for ISACA, and is speaking at Eurocacs in March 2009.

Requirement: You will need to bring your own laptop. Please ensure you have full administrative rights to install virtual machines to carry out the training. You can also take away this software to practice further.

Course Objectives

  • Understand the security threats facing web applications
  • Learn the tools and techniques to remotely validate a web application's security
  • Enhance secure programming practices by raising awareness and giving programmers the tools needed to audit their code from the user's perspective

Course Topics

  • Web Protocols Primer
    • Web protocols & standards (HTML, HTTP)
    • Session tracking and state mechanisms
    • HTTP authentication mechanisms
    • Tools for interception, manipulation, and analysis of web traffic
  • Common Web Application Security Threats
    • The Web Application Security Consortium (WASC) "Threat Classification" (http://www.webappsec.org/projects/threat/)
    • Classes of Attack; definitions and examples (including authentication, authorization, client-side attacks, command execution, information disclosure, and logic attacks)
    • The most popular forms of attack will be covered in the labs, such as Cross-site Scripting (XSS) and SQL Injection Remote tools and testing techniques for locating these vulnerabilities Cross references to the OWASP Top Ten will be given

Outcome

Attendees will be able to identify, understand and assess common website vulnerabilities to ensure common security issues are managed and addressed.

Further Information

If you have any questions regarding this event, please contact Paul Guckian at vpresident@isaca-scotland.org.uk or any of the other committee member at http://www.isaca-scotland.org.uk/contacts.htm

Attendee List Sort by: Date
Show More
When

Thursday, March 19, 2009 from 8:30 AM - 5:00 PM (GMT)

Add to my calendar Add to my calendar
Where
Nice Suite, Apex City Hotel
61 Grassmarket
Edinburgh
EH1 2 City of Edinburgh
United Kingdom



Other Maps:

Via Michelin | Google

This training event is provided as a service to ISACA Scotland members. In the unlikely event of unforseen or exceptional circumstances, ISACA Scotland reserves the right to cancel this event and refund the courses costs without further liability. If you are planning to incur significant travel costs, then please contact us before booking.
This page was published using Eventbrite, your total online solution to publish, register, manage and promote events. Host Your Events With Eventbrite.
Contact Host for event and ticket information.