This course provides an in-depth look at how to secure mobile users as customer-facing information migrates from mainframe computers and application servers to Web-enabled applications. Course materials written by an industry expert provide a comprehensive explanation of the evolutionary changes that have occurred in computing, communications, and social networking. In addition, this course covers how to secure systems against all the risks, threats, and vulnerabilities associated with Web-enabled applications accessible via the Internet. Hands-on activities on a live IT infrastructure prepare you to secure Web-enabled applications in the context of complex, real-world scenarios.

Course Duration:

5 days

What You’ll Learn

  • Impact of the Internet and Web applications on the business world
  • Evolution of social media and social networking
  • Web-based risks
  • Common website attacks, weaknesses, and security best practices
  • Secure coding practices
  • Role and importance of audit and compliance to Web application security
  • Role and importance of quality assurance testing for Web applications
  • Value and importance of vulnerability and security assessments for Web applications
  • Next-generation challenges in securing Web applications and data
  • Construct a comprehensive lifecycle approach to Web application security

Who Needs to Attend

  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • People who decide which information technology and cybersecurity products to acquire for their organization

Prerequisites

General knowledge of networking and management information systems

Course Outline

1. Evolution of Computing, Communications, and Social Networking

  • From Mainframe to Client-Server to World Wide Web
  • From Brick-and-Mortar to E-commerce to E-business Transformation
  • Evolution of People-to-People Communications
  • From Personal Communication to Social Networking

2. Secure Web-Enabled Application Deployment and Social Networking

  • Mitigating Risk When Connecting to the Internet
  • Mitigating Website Risks, Threats, and Vulnerabilities
  • Introducing the Web Application Security Consortium (WASC)
  • Securing Web Applications
  • Mitigating Web Application Vulnerabilities
  • Maintaining PCI DSS Compliance for E-commerce Websites
  • Testing and Quality Assurance for Production Websites
  • Performing a Website Vulnerability and Security Assessment

3. Web Applications and Social Networking Gone Mobile

  • Securing End-Point Device Communications
  • Securing Personal and Business Communications
  • Web Application Security Organizations, Education, Training, and Certification

Labs

Lab 1: Evaluate Business World Transformation: Impact of the Internet and WWW

Lab 2: Engage in Internet Research to Obtain Useful Personal Information

Lab 3: Perform a Post-Mortem Review of a Data Breach Incident

Lab 4: Exploit Known Web Vulnerabilities on a Live Web Server

Lab 5: Apply OWASP to a Web Security Assessment

Lab 6: Align Compliance Requirements to FISMA, SOX, HIPAA, GLBA, PCI DSS, and AICPA

Lab 7: Perform Dynamic and Static Quality Control Testing

Lab 8: Perform an IT and Web Application Security Assessment

Lab 9: Recognize Risks and Threats Associated with Social Networking and Mobile Communications

Lab 10: Build a Web Application and Security Lifecycle Plan