Application Security Training

R T Nagar, Bangalore

Course ID: 43459

Date and Time

Not decided yet.

B. Tech

2 Years of Experience

About Vipin

4 Years of Experience.

About the Course

The course focuses on web application security. It covers security guidelines and considerations in web application development. Participants will learn the basics of application security, how to enforce security on a web application, and the basics of threat modeling, threat profiling, OWASP Top Ten testing, black box testing, and source code reviews.

Objectives of the course

Upon completion of this course, participants will be able to:

  • Understand the need for security

  • Understand the various security threats and countermeasures

  • Design and develop secure web applications

Who should attend this training?

  • All web app developers, testers, designers who wish to improve their security skills

  • Developers and System Architects wishing to improve their security skills and awareness

  • Team Leaders and Project Managers

  • Security practitioners and managers

  • Auditors

  • People who want to learn the techniques for securing Web applications

  • QA analysts who want to learn the mechanics of Web applications for better testing

Course Contents

Session One: Introduction & Case Studies

  • Introduction to Web Applications

  • Understanding Web Application Architecture

  • HTTP Protocol Basics

  • HTTP Attack Vectors


  • Introduction to VAPT

  • Introduction to Application Security

  • Application Security Risks

  • Case Studies

Session Two: OWASP Top 10 2017 RC2

  • Global Standards/Frameworks

    • SANS Top 25 Software Errors

    • WASC

    • NIST

    • OWASP

  • What is OWASP

  • Significant OWASP Projects

  • OWASP Top 10

  • The OWASP Top 10 for WebAppSec

    • A1 - Injection

    • A2 - Broken Authentication and Session Management

    • A3 - Sensitive Data Exposure

    • A4 - XML External Entity (XXE)

    • A5 - Broken Access Control

    • A6 - Security Misconfiguration

    • A7 - Cross-Site Scripting (XSS)

    • A8 - Insecure Deserialization

    • A9 - Using Components with Known Vulnerabilities

    • A10 - Insufficient Logging & Monitoring

  • Countermeasures of OWASP Top 10 2017 RC2

Session Three: Beyond OWASP

  • CSRF

    • Understanding the vulnerability

    • Discovering the vulnerability

    • Attacking the Issue

    • Impact & Countermeasure

  • SSRF

    • Understanding the vulnerability

    • Discovering the vulnerability

    • Attacking the Issue

    • Impact & Countermeasure

  • Clickjacking

    • Understanding the vulnerability

    • Discovering the vulnerability

    • Attacking the Issue

    • Impact & Countermeasure

Session Four: Scanners & Interpreting Scan Reports

  • Web Application Scanners

    • Netsparker

    • Nessus

    • Acunetix

    • AppScan

    • WebInspect

    • NeXpose

  • Profiling the Scans

  • Interpreting Scanner Reports

  • Open source Tools and Testing Methodologies

    • Vega


Session Five: API Insecurity

  • API Insecurity

    • Introduction to API & API Security

    • SOAP vs REST

    • Case Studies

    • Common API Vulnerabilities

  • Core Toolset for API Testing

  • Attacks on API

  • API Assessment Approach

  • Bot Defense for API

  • How to stop API Attacks?

Session Six: Practical Tips For Defending Web Application & API

  • Common Mistakes in Development

  • Security Best Practices for Web Application & API Security

  • Secure SDLC

    • Threat Modelling

    • Source Code Review

    • VAPT

  • DevSecOps

    • What is DevSecOps

    • DevSecOps vs Secure SDLC

    • DevSecOps for API Security

*Note: We are flexible with the batch timings and students will be provided the timing slots according to their preferences.

