Description of the Course
Within 1.5 hours you will understand web application security without having to code.
This course has PDF files, video lectures in MP4 and quizzes.
This course will jumpstart your security career.
I will teach you the 10 most common threats identified by the Open Web Application Security Project (OWASP). At the end of the course you will learn:
1) what the OWASP top 10 threats are,
2) the impact per security threat for your business,
3) how these security threats can be executed by attackers / pentesters / hackers
4) how these security threats can be mitigated
You will be able to understand the above-mentioned points without having to understand code…
For your convenience I’ve combined the OWASP 2017 and OWASP 2013 top 10 list into a single list of 10 common web application security threats.
How is that possible?
The threats are explained conceptually, since the implementation of a threat may differ per situation. Therefore, having a general understanding of the security threats, their implications and potential solutions will provide you with the essential knowledge to mitigate the impact of these web application security threats. Hence, no security coding or security testing experience is needed.
– Defense in depth. This is one of the basic security principles.
– Basic explanation of STRIDE (spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege). I’ve also added privacy by design resources in this course. This means both security by design and privacy by design!
– Overview of a secure software development process. Build security into your delivery process.
– Frequently asked questions. Ask a security question and I’ll answer it with a video.
Why include bonus material? Is the main course not exciting enough?
Again, excellent question! Getting security right goes well beyond web application security. With the bonus material, I would like to inform you about the complementary measures that should be taken into account.
I’m fully convinced of the benefits, but I don’t see why I should learn all this from you.
True, let me explain by giving you an overview of my experience:
– Chief Information Security Officer (present). Managing Security, Privacy and Quality professionals. Responsible for implementing and maintaining a well-balanced organisational risk posture;
– Security and privacy operations manager (2 years). Acting as a security liaison on strategic accounts, I monitor the security of 2500+ workstations, 500+ servers and 10+ firewalls and routers, report on the operational security status of European and Dutch law and integrate intelligence results from AVDS, Check Point, Nagios, Nessus, Palo Alto Traps, SCCM, SCEP, SEP, SCOM and SIEM;
– Part-time PhD Candidate (7 years – present). I read the science, you’ll get the knowledge! What more do you want?
– Software quality consultant (6.5 years). I’ve advised many managers of large / small IT projects on various software-related aspects;
– IT auditor (1 year). I have worked closely with accountants and audited large governmental IT projects;
– Quality assurance engineer (3 years). I have implemented large IT systems for large companies.
You can find more details on LinkedIn or on my profile.
Go ahead and click the enroll button, and I’ll see you in lesson 1!