Skip to main content

Top 10 Web Threats for Developers - ESI CEE Security training

Need to mitigate SQL Injection?
Proper XSS Filters?
Want to stop CSRF?

Join us at Top 10 Web Threats for Developers!

REGISTER NOW if you want to:

  • Be aware of the top threats in Web development;
  • Know the tactics used to mitigate these threats;
  • Do not systematically allow security vulnerabilities to 'slip in' while developing a product/website.

When: 3 July, 2014
Where: ESI CEE e-Competence center, Mladost 4, Business Park Sofia, bldg.11-B, fl.1
Last call: Wednesday, 25 June, 2014

Various sources identify that between 20% and 60% of websites have each at least one serious vulnerability. Our own research at ESI CEE confirms that the danger is significant. A serious issue is the diversity of threats on Web platforms – different types of attacks can shut down entire services, steal valuable data, impersonate legitimate sites, intercept data on-the-fly, forge user actions, etc. Due to the constant increase in the number of attacks on Web applications, a Web developer now has to be aware of the threats in order to effectively counteract these threats and produce secure and correctly working systems.This 1-day course is designed to introduce developers to the inner workings of the top web threats, how they are exploited, and how to write code that is secure against these threats.

The course includes live demos of attacks, exercises in detecting and leveraging threats, examples of weak and vulnerable code and the process of repairing it and fixing vulnerabilities, mitigation tactics, developer-specific best practices and discussions on how not to write vulnerable code in the process of daily work. The course is mostly technical and not organizational.

Objectives

  • Successful completion of this course enables participants to:
  • Be aware of the top threats in Web development;
  • Know the tactics used to mitigate these threats;
  • Do not systematically allow security vulnerabilities to 'slip in' while developing a product/website.

Ideal for: Web front-end and back-end developers, software engineers and architects that have a good grasp on development processes but have had no specific training in security. Also appropriate for mobile developers working on hybrid and/or pure-Web platforms.

Instructor/s: Professionals from ESI CEE Cyber Resilience Lab, partner of Software Engineering Institute, Carnegie Mellon University.

Certificate: Upon successful completion of the course attendees will receive a certificate from ESI CEE, partner of Software Engineering Institute, Carnegie Mellon University.

Kindly confirm your interest to book your place or contact us for any questions concerning registration and further details at hristina (at) esicenter (dot) bg or +359 2 4899740; +359 897 906 431 - Hristina Nikolova (ESI CEE Training Manager)