コース概要

Introduction

Overview of Web Security Testing Guide

  • The OWASP Testing Project
  • Tailoring and prioritizing for organizations
  • Testing principles and techniques
  • Security testing objectives and requirements

Exploring Various Testing Techniques

  • Manual inspections and reviews
  • Threat modeling
  • Source code review
  • Penetration testing
  • Security test integration and data analysis

Understanding the OWASP Testing Framework

  • Activities from development to deployment
  • Maintenance and operations
  • Lifecycle end-to-end testing framework and workflow
  • Penetration testing methodologies

Performing Web Application Security Testing

  • Information gathering
  • Configuration and deployment management testing
  • Identity management testing
  • Authentication and authorization testing
  • Session management testing
  • Input validation testing
  • Testing for error handling
  • Testing for weak cryptography
  • Business logic testing
  • Client-side testing
  • API testing

Reporting the Testing Assessment and Results

  • Introduction section
  • Executive summary
  • Findings section
  • Appendices

Getting Involved in the Web Security Testing Guide

  • Referencing and linking WSTG scenarios
  • Code of conduct
  • Contribution guide
  • Feature requests and feedback

Summary and Conclusion

要求

  • A general understanding of web development lifecycle
  • Experience in web application development, security, and testing

Audience

  • Developers
  • Engineers
  • Architects
 21 時間

参加者の人数


Price per participant

Open Training Courses require 5+ participants.

お客様の声 (5)

Multiple examples for each module and great knowledge of the trainer.

Sebastian - BRD
コース - Secure Developer Java (Inc OWASP)

モジュール3 アプリケーションの攻撃とエクスプロイト、XSS、SQLインジェクション モジュール4 サーバーの攻撃とエクスプロイト、DOS、BOF

Tshifhiwa - Vodacom
コース - How to Write Secure Code

Machine Translated

Real-life examples.

Kristoffer Opdahl - Buypass AS
コース - Web Security with the OWASP Testing Framework

The trainer's subject knowledge was excellent, and the way the sessions were set out so that the audience could follow along with the demonstrations really helped to cement that knowledge, compared to just sitting and listening.

Jack Allan - RSM UK Management Ltd.
コース - Secure Developer .NET (Inc OWASP)

Piotr was very knowledgeable and related security issues to real world examples very well. His preparation was brilliant.

Alex Boseley - Trakm8 Ltd
コース - OWASP Top 10

Upcoming Courses

OWASP Web Security Testing Guide

2025-05-21 10:00
21 時間
Tokyo, Shibuya Glass City
¥ 683316 ~ (オンライン)
¥ 1366632 ~ (教室)

OWASP Web Security Testing Guide

2025-06-04 10:00
21 時間
Osaka Kokusai
¥ 683316 ~ (オンライン)
¥ 1366632 ~ (教室)

OWASP Web Security Testing Guide

2025-06-18 10:00
21 時間
Yokohama - Kannai Business Center
¥ 683316 ~ (オンライン)
¥ 1366632 ~ (教室)

OWASP Web Security Testing Guide

2025-07-02 10:00
21 時間
Nagoya - Meieki Minami
¥ 683316 ~ (オンライン)
¥ 1366632 ~ (教室)

OWASP Web Security Testing Guide

2025-07-16 10:00
21 時間
東京 新宿パークタワー
¥ 683316 ~ (オンライン)
¥ 1366632 ~ (教室)

関連コース

Web Security Testing - Security and Testing of Web Applications using OWASP

 21 時間

This instructor-led, live training in  (online or onsite) is aimed at developers, engineers, and architects seeking to secure their web apps and services.

By the end of this training, participants will be able to integrate, test, protect, and analyze their web apps and services using the OWASP testing framework and tools

続きを読む...

OWASP Mobile Security Testing Guide

 21 時間

This instructor-led, live training in 日本 (online or onsite) is aimed at developers, engineers, and architects who wish to apply the MSTG testing principles, processes, techniques, and tools to secure their mobile applications and services.

By the end of this training, participants will be able to:

  • Explore testing techniques to strategize an effective security testing implementation in the development lifecycle.
  • Perform testing techniques to test general vulnerabilities and risks in mobile apps.
  • Run various security testing processes to secure their Android and iOS mobile applications.
続きを読む...

OWASP Top 10

 14 時間

This instructor-led, live training in 日本 (online or onsite) is aimed at web developers and leaders who wish to explore and implement the OWASP Top 10 reference standard to secure their web applications.

By the end of this training, participants will be able to strategize, implement, secure, and monitor their web applications and services using the OWASP Top 10 document.

続きを読む...

How to Write Secure Code

 35 時間

This Course in 日本 aims to help in the following:

  1. Help Developers to master the techniques of writing Secure Code
  2. Help Software Testers to test the security of the application before publishing to the production environment
  3. Help Software Architects to understand the risks surrounding the applications
  4. Help Team Leaders to set the security base lines for the developers
  5. Help Web Masters to configure the Servers to avoid miss-configurations
続きを読む...

Secure Developer Java (Inc OWASP)

 21 時間

This course covers the secure coding concepts and principals with Java through Open Web Application Security Project (OWASP) methodology of testing. The Open Web Application Security Project is an online community which creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.

続きを読む...

Secure Developer .NET (Inc OWASP)

 21 時間

This course covers the secure coding concepts and principals with ASP.net through the Open Web Application Security Project (OWASP) methodology of testing , OWASP is an online community which creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. 

This Course explores the Dot Net Framework Security features and how to secure web applications.   
    
    
    
    
    

続きを読む...

関連カテゴリー

Image for the OWASP
OWASP