- Accueil
- Montréal 2019
- Sessions
PHP Application Security
Web security is an ever-changing landscape. Protect your infrastructure and your sensitive data with this 1-day training. We'll start with the theory behind application hardening. We will then go through a multitude of common vulnerabilities, along with concrete examples. We will implement solutions together in PHP. We'll finish with an interactive risk assessement session.
This training includes the OWASP top 10 and satisfies PCI DSS Requirement 6.5.
Course outline:
- Application hardening basics
- Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken access control
- Security misconfiguration
- Cross-site scripting (XSS)
- Insecure deserialization
- Using components with known vulnerabilities
- Insufficient Logging & Monitoring
- Buffer overflows
- Cross-site request forgery
- Vulnerability identification and classification
- Threat modeling