Training Mile2

Training goals

code: C)SWAE | version: v4

Organizations and governments fall victim to internet-based attacks every day. In many cases, web attacks could be thwarted but hackers, organized criminal gangs, and foreign agents are able to exploit weaknesses in web applications. The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. The secure web application developer knows how to develop web applications that aren’t subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack. The vendor-neutral Certified Secure Web Application Engineer certification provides the developer with a thorough and broad understanding of secure application concepts, principles, and standards. The student will be able to design, develop and test web applications that will provide reliable web services that meet functional business requirements and satisfy compliance and assurance needs.

Upon completion

The Certified Secure Web Application Engineer students will be able to establish industry acceptable auditing standards with current best practices and policies. Students will also be prepared to competently take the C)SWAE exam.

Who Should Attend

  • Coders
  • Web Application Engineers
  • IS Managers
  • Application Engineers
  • Developers
  • Programmers

Accreditations & Acknowledgements

Mile2® is:

  • ACCREDITED by the NSA CNSS 4011-4016
  • MAPPED to NIST / Homeland Security NICCS's Cyber Security Workforce Framework
  • APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)

Conspect Show list

  1. Module 1: Web Application Security
  2. Module 2: OWASP Top 10
  3. Module 3: Threat Modeling & Risk Management
  4. Module 4: Application Mapping
  5. Module 5: Authentication and Authorization Attacks
  6. Module 6: Session Management Attacks
  7. Module 7: Application Logic Attacks
  8. Module 8: Data Validation
  9. Module 9: AJAX Attacks
  10. Module 10: Code Review And Security Testing
  11. Module 11: Web Application Penetration Testing
  12. Module 12: Secure SDLC
  13. Module 13: Cryptography

Lab:

  1. Module 1: Environment Setup and Architecture
  2. Module 2: OWASP TOP 10
  3. Module 3: Threat Modeling
  4. Module 4: Application Modeling and Analysis
  5. Module 5: Authentication and Authorization Attacks
  6. Module 6: Session Management Attacks
  7. Module 9: AJAX Security
  8. Module 10-1: Code Review
  9. Module 10-2: Security Test Scripts
  10. Module 10-3: Writing Java Secure Code
  11. Module 11: Alternatives Labs
  12. Lab 11-1 4: WebGoat & WebScarab
  13. Lab 11-2: WebGoat - Cross-Site Request Forgery (CSRF)
  14. Lab 11-3 Missing Function Level Access Control
  15. Lab 11-4: Perform Forced Browsing Attacks
Download conspect training as PDF

Additional information

Prerequisites
  • A minimum of 24 months’ experience in software technologies & security
  • Sound knowledge of networking
  • At least one coding Language
  • Linux understanding
  • Open shell
Difficulty level
Duration 5 days
Certificate

The participants will obtain certificates signed by Mile2 (course completion).

This course will help prepare you for the Certified Secure Web Application Engineer exam, which is available through the on-line Mile2’s Assessment and Certification System ("MACS"), and is accessible on your mile2.com account.

The exam will take 2 hours and consist of 100 multiple choice questions.

Each participant in an authorized C)SWAE - Certified Secure Web Application Engineer will receive a free CSWAE exam voucher.
Trainer

Certified Mile2 Instructor.
Mile2 show more courses
Training thematically related

Security

Security | Aruba

Network Security | Broadcom

Java Programming | Capstone Courseware

Java EE | Capstone Courseware

Open-Source Frameworks | Capstone Courseware

XML and Web Services | Capstone Courseware

Core Training | Check Point

Infinity Specializations | Check Point

ICS/OT security | Compendium CE

Security+ | CompTIA

CySA+ | CompTIA

PenTest+ | CompTIA

SecurityX (formerly CASP+) | CompTIA

Certified Ethical Hacker | EC-Council

Advanced WAF (AWAF) | F5

Access Policy Manager (APM) | F5

Advanced Firewall Manager (AFM) | F5

Fortinet Certified Professional (FCP) | Fortinet

Fortinet Certified Solution Specialist (FCSS) | Fortinet

Cyber security | ISC2

Microsoft 365 | Microsoft

Security | Microsoft

Pen Testing & Ethical Hacking | Mile2

Information Systems Management | Mile2

Incident Handling | Mile2

Cloud Security | Mile2

Forensics | Mile2

Disaster Recovery | Mile2

Healthcare | Mile2

Risk Management | Mile2

Auditing | Mile2

Cyber Range | Mile2

Security Awareness | Mile2

Cyber Threat Analyst | Mile2

Network Security | Palo Alto Networks

SASE | Palo Alto Networks

Security Operations | Palo Alto Networks

ISO/IEC 27001 Information Security Management Systems | PECB®

LinkProof | Radware

DefensePro | Radware

AppDirector | Radware

Alteon | Radware

Fundamentals | SCADEMY

C# | SCADEMY

C/C++ | SCADEMY

Java | SCADEMY

PHP | SCADEMY

Python | SCADEMY

WEB | SCADEMY

Cloud | SCADEMY

Cryptography | SCADEMY

Finance | SCADEMY

Healthcare | SCADEMY

Telecome | SCADEMY

Software design | SCADEMY

Software testing | SCADEMY

Dark Web | SECO-Institute

Cyber Defence | SECO-Institute

Crisis Management | SECO-Institute

Data Protection | SECO-Institute

Kubernetes | SUSE

Linux | The Linux Foundation

E-learning | The Linux Foundation

Exam | The Linux Foundation

Web development

Java EE | Capstone Courseware

Open-Source Frameworks | Capstone Courseware

XML and Web Services | Capstone Courseware

Contact form

Please fill form below to obtain more info about this training.






* Fields marked with (*) are required !!!

Information on data processing by Compendium - Centrum Edukacyjne Spółka z o.o.

PRICE 1400 EUR

FORM OF TRAINING ?

 

TRAINING MATERIALS ?

 

EXAM ?

 

SELECT TRAINING DATE

    • General information
    • Guaranteed dates
    • Last minute (-10%)
    • Language of the training
    • English
Book a training appointment
close

Traditional training

Sessions organised at Compendium CE are usually held in our locations in Kraków and Warsaw, but also in venues designated by the client. The group participating in training meets at a specific place and specific time with a coach and actively participates in laboratory sessions.

Dlearning training

You may participate from at any place in the world. It is sufficient to have a computer (or, actually a tablet, or smartphone) connected to the Internet. Compendium CE provides each Distance Learning training participant with adequate software enabling connection to the Data Center. For more information, please visit dlearning.eu site

close

Paper materials

Traditional materials: The price includes standard materials issued in the form of paper books, printed or other, depending on the arrangements with the manufacturer.

Electronic materials

Electronic materials: These are electronic training materials that are available to you based on your specific application: Skillpipe, eVantage, etc., or as PDF documents.

Ctab materials

Ctab materials: the price includes ctab tablet and electronic training materials or traditional training materials and supplies provided electronically according to manufacturer's specifications (in PDF or EPUB form). The materials provided are adapted for display on ctab tablets. For more information, check out the ctab website.

Upcoming Mile2 training

Training schedule Mile2