IT Security for Web Developers: 2-Day Virtual Seminar (English)

IT-Sicherheit für Webentwickler: virtueller Zwei-Tage-Workshop - Golem Karrierewelt
IT-Sicherheit für Webentwickler: virtueller Zwei-Tage-Workshop - Golem Karrierewelt

Eckdaten

Target audience: web developers, software developers | Duration: 2 days | 9:00–17:00 | Trainer: Martina Kraus | Location: online | Number of participants: 4-12

Description

The seminar covers which errors lead to web security vulnerabilities and how these can be exploited. It enables the independent identification and avoidance of security vulnerabilities in daily development.

The goal is to deepen knowledge in the field of IT security for individuals with experience in web development.

The training takes place as an online video conference; all necessary information and access data will be sent in advance by email.

Agenda

IT Security Basics

  • Security principles
  • Hashing/Encryption/Encoding
  • Symmetric / asymmetric encryption
  • Authentication & Authorization
  • Important Algorithms & Principles

Security Concepts in Web Applications

  • Same Origin Policy
  • Cookie Security (Cookie attributes like httpOnly)
  • HTTP Security
  • Proper Use of Security-Relevant HTTP Headers
  • Content Security Policy (CSP)
  • Transport Encryption
  • Proper Use of Two-Factor Authentication
  • JWT
  • OAuth2 and OpenID Connect
    etc.

Practical Application of Security Concepts

  • How to Ensure Data Integrity, Even When
    • Data Runs Over Unsecure Channels
    • Securing the Communication Path
  • What to Consider
    • When Implementing Authentication
    • Storing Passwords Securely
    • Using a Web Framework
  • Secure Implementation of
    • Forms and File Uploads
    • Denial-of-Service Protection Strategies
    • Security Measures for the Frontend and
    • Secure API Development, Including REST Services

Attacks on Web Applications

  • OWASP Top 10
  • Credential Attacks
  • Cross-Site Scripting
  • Cross Site Request Forgery (CSRF)
  • Various Injection Attacks (e.g., SQL)
  • DoS

Securing Web Applications

  • Against the Introduced Attack Vectors

Introduction to Vulnerability Testing of a Web Application

  • Manual and Automatic Tools
  • Static and Dynamic Analysis for Scanning Vulnerabilities

Target Audience

The target audience of this course includes individuals who implement, design, or evaluate technical backgrounds of web applications in the frontend or backend.

Participants should have a solid understanding of basic web technologies, including HTTP, HTML, basic JavaScript, and ideally a dynamic backend language of choice.

Dozent

Martina Kraus, Google Developer Expert und erfahrene Frontend-Entwicklerin, hat sich auf Webtechnologien und Angular spezialisiert. Sie arbeitet als IT-Trainerin und präsentiert ihr Wissen auf internationalen Konferenzen. Martina ist außerdem an der Organisation von Community-Events wie den Angular Girls und dem Angular Heidelberg Meetup beteiligt.

Weitere Trainings des Dozenten:

Ab 4 Teilnehmern: Gruppenrabatt sichern

Bei Buchung 15% sparen: statt 1.275,00 € 1.083,75 € pro Teilnehmer (zzg. MwSt./USt.)

Customer Reviews

Based on 2 reviews
100%
(2)
0%
(0)
0%
(0)
0%
(0)
0%
(0)
H
Hamad Rizwan, e.solutions GmbH

The content was well-structured and highly informative, with practical exercises that reinforced the concepts. The trainer, Martina, was knowledgeable and approachable, creating a great learning atmosphere. I feel much more confident in applying IT security best practices to my work.

A
Anonymous

it was great, personally I knew 80% of the content, so I expected maybe a little more details, but generally I can imagine it was good for other people in the team. I leaned something as well and I'm happy with that :)


DU SPARST -15% 1.517,25 EUR inkl. MwSt./USt
1.275,00 EUR zzgl. MwSt./USt. 1.500,00 EUR