The major cause of web insecurity is the lack of secure software development practices. This highly intensive and interactive course provides essential application security training for web application, webservice and mobile software developers and architects. This class contains a combination of lecture, security testing demonstration and code review and includes the following modules.
Introduction to Application Security - HTTP Basics - SQL and other Injection - Authentication - OAuth Security - Access Control - Cross Site Request Forgery and Clickjacking - Advanced XSS Defense - Content Security Policy - HTTPS/TLS Best Practices - Webservice Security Overview - Mobile Security Overview