Overview
This course guides the participant through the top ten security vulnerabilities of JSP websites. For each item on the OWASP Top Ten list, the course explains the vulnerability, provides samples of the flaw, provides solutions to protect the application, and provides tests to check site security.
This course involves hands-on demonstrations and labs.
Audience
Participants should be experienced JSP developers.
Length
16 hours
Outline
Overview of the OWASP Project
- Top Ten
- Cross Site Scripting
- Injection Flaws
- Malicious File Execution
- Insecure Direct Object Reference
- Cross Site Request Forgery
- Information Leakage and Improper Error Handling
- Broken Authentication and Session Management
- Insecure Cryptographic Storage
- Insecure Communications
- Failure to Restrict URL Access
- Input Validation Best Practices
- Conclusion