Overview:

The web landscape has had an explosive growth in the recent years. Early technologies put into use are beginning to show signs of weakness. For the past 5 years, security teams and operation managers had been putting all their security focus effort onto the perimeter and network security. Eventually, today most of the organizations understand the importance of network security. But keeping in mind that security is as strong as its weakest link, one quickly realises the importance of application security. Applications are definitely at the core of the company’s business processes.

A cyber attack is often like lightning bolt: it strikes where it is the easiest to go through. Since network security is widespread and relatively well implemented, a potential attacker is naturally geared towards attacking the application. Especially since there is no real tool today to prevent an attacker from accessing the application until at least the log-in prompt.

Web applications are also rapidly getting bigger and more complex, which makes them extremely vulnerable. This inevitably gives rise to new avenues for hackers to attack applications easily. What’s worse! Most of the web applications today are either purchased from a third party that comes along with a customization contract, or outsourced to an external developer.

Unfortunately, most vendors are pressured to release their application always faster and bigger, to a point where there is a clear lack of real security controls put in place. Senior officers and managers in charge of these applications are now challenged with some burning concerns such as:

Is the application really meeting the industry’s regulations on privacy and frauds in general? How can we be sure that the application is reasonably secured since we do not have the source code? Can the application withstand an internal attack by disgruntled employees?

In view of these and many other arising applications concerns, this in-depth technical hands-on to impart knowledge, techniques and processes involved in:

Testing the security of existing (live or UAT stage) applications
Developing web applications securely
Providing a neutral and non-vendor-centric perspective to evaluate the proper web applications for purchase

Course benefits:

Examine threats and vulnerabilities exposed through web services
Examine trivial and advanced techniques to uncover web application vulnerabilities
Each concept has a corresponding hands-on session on a real-life application, with the assistance of the trainer
Detail the proper way to fix or avoid each vulnerability
Provide general management guidelines as well as deep technical explanations

Who should attend

This is a Practical, Live Demo, In-depth Hands-on workshop limited to 15 delegates only. This Master Class aims to provide Senior Project Leaders, Corporate and Public Sector Information Processing Officers, with the resourcefulness that banks of financial organizations should possess about Application Security Architecture focused on WEB Services.

This course is relevant for:

CIOs, CTOs, IT Architects, Directors / Managers of IT / IS / MIS / DP, IS/IT Planners, IT Strategists, Software Project Leaders, Integration Team Leaders and Database Administrators, Business Analysts and Consultants whose responsibilities include management, high-level design or enterprise business application implementation; e-Commerce Senior Managers, Application Development (AD) Senior Managers, Systems Architects, QA Managers will find this course useful.