 |
Registration is required for this offering (below).
|
|
Description:
This 3-hour workshop covers essential web security concepts and trends for web developers. Learn secure coding and development techniques to improve your website’s security posture. The presentation includes working examples of Cross Site Scripting, SQL Injection, file inclusion, command injection and other attacks against a live web application. "Website Security Essentials for Developers" takes you step-by-step through the attacks and defenses. This workshop focuses on current web security strategies, secure coding
best practices, data validation techniques, and attack mitigation. It is taught using the LAMP environment (Linux, Apache, MySQL, PHP),
while the concepts covered are platform independent.
This workshop will cover:
- Six ways you can be hacked
- Web application architectures
- Common website attack scenarios
- Finding vulnerabilities
- Fixing vulnerabilities
- Secure Coding
- Data validation / sanitization techniques
- Best practices for securing web servers
- Live attack simulations
Presented as a Lecture-Style Workshop:
These are our most affordable training programs, designed to introduce a subject quickly and efficiently. Students can take notes from the instructor's projected computer screen, and/or bring their own computer to follow along. Lecture-style workshops are normally held on weekday evenings from 6 pm – 9 pm and contain a maximum of 30 students (average is 8-20).
Instructor:
 Steve Fox has been active in website development since 1994, serving as designer, coder, programmer, and systems administrator. Past clients include eBay and Dell, along with some of the most creative small businesses online. His technology practice, Fox Web Technology, LLC, offers network and web application security assessments, computer forensics and security training services.
Steve's academic background includes a Master of Science degree in Information Systems Technology from George Washington University (Washington, DC), Bachelor's degree in Computer Science from University of Missouri (Columbia, MO), and a Certificate in Computer Programming from Montgomery College (Rockville, MD). Steve holds the CISSP (Certified Information Systems Security Professional) and Security+ certifications, is a GIAC Certified Penetration Tester (GPEN) and Forensic Analyst (GCFA) and has served as an event facilitator for the SANS security training institute.
BDA Member Cost: $59.00 ($69.00 after Saturday, October 23, 2010)
Non Member Cost: $79.00 ($89.00 after Saturday, October 23, 2010) Become a member to save $20.00
|
Join Us On