
Web application cybersecurity – OWASP Top 10:2021

Objectives

This training course aims to raise awareness among system and product architects of the cybersecurity concerns, issues, constraints and challenges that can impact their current responsibilities, deliverables and day-to-day work.

INTRODUCTION TO CYBERSECURITY

  • Vocabulary and definition
  • Understanding the need and its evolution over time
  • The notion of “attack surface”

 

FRAMEWORKS

  • OWASP Top 10 Presentation
  • CWE Top 25 Presentation

 

VULNERABILITY ECOSYSTEM

  • CVE: Common Vulnerability Enumeration
  • CVSS: Common Vulnerability Scoring System
  • Find and report a vulnerability

 

A01:2021-FAULTY ACCESS CONTROL

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

 

A02:2021-CRYPTOGRAPHIC FAILURE

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

 

A03:2021-INJECTION

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

 

A04:2021-INSECURE DESIGN

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

A05:2021-SECURITY MISCONFIGURATION

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

A06:2021-VULNERABLE AND OBSOLETE COMPONENTS

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

A07:2021-FAILED IDENTIFICATION AND AUTHENTICATION

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

A08:2021-DATA AND SOFTWARE INTEGRITY DEFICIENCY

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

A09:2021-INSUFFICIENT MONITORING AND LOGGING

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

A10:2021-SERVER-SIDE REQUEST FORGERY

  • Presentation of the vulnerability category
  • Exercise/Demo
  • Remediation/Tools

No industrial safety experience required. However, knowledge of industrial systems and some notions of IT, electronics and embedded software are desirable.

  • A PC / MAC with Teams installed and unrestricted access to the Internet.

If remote:

  • Stable Internet access via Ethernet or Wi-Fi with a decent bandwidth (1.2 Mb/s minimum downstream is recommended).

This course is aimed at people interested in the design aspects of industrial architecture: electronics enthusiasts and professionals, as well as IT security professionals (developers, architects, integrators, hardware designers, project managers).

Expert in web cybersecurity.

  • Projected PowerPoint presentation
  • Interactive web platform (Klaxoon)
  • Practical scenario of an attack on a vulnerable web application

Assessments at the beginning and end of the course, quizzes, etc.

A training certificate complying with the provisions of Article L.6353-1 paragraph 2 is issued to the trainee.

5 working days before the course start date (if financed by OPCO).
