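(ISC)2 Japan Chapter member discount: announcement of a (paid) vendor training.
We would like to announce the CWASP (Certified Web Application Security Professional) training offered by Network Intelligence.
(ISC)2 members can attend at a discounted price.
For training registration and any questions, please contact Network Intelligence directly using the contact details given at the end of this message.
PDF brochure download: https://drive.google.com/file/d/1nU6MI-rj7f4XdHGmPyDmChVJooORZ9kL/view?usp=sharing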
--------
Hello,
Hope you are doing well!
Network Intelligence is a 20-year-old global cybersecurity firm offering assessment and advisory services along with compliance consulting & certification for standards like PCI DSS, PA DSS, GDPR, ISO 27001. Apart from the consulting services, we do provide specialized trainings for professionals in the cybersecurity domain.
Network Intelligence has scheduled a 3-day CWASP (Certified Web Application Security Professional) training which focuses on comprehensive coverage of web application security. It presents security guidelines and considerations in web application development. The participants will learn the basics of application security, how to enforce security on a web application, basics of Threat Modeling, Threat Profiling, OWASP Top Ten Testing, Black Box Testing, and Source Code Reviews.
The CWASP training is designed to provide professionals a hands-on experience of implementing security measures for safeguarding web applications through case studies and examples. The CWASP training is 12 hours of online training spread across 3 days, 4 hours each day, and the workshop module is for 12 hours, which includes 11 hours of training sessions followed by a 1-hour online examination. The training details are as under:
• Date: August 23-25, 2021
• Time: 6:00 AM – 10:00 AM (GMT)
• Duration: 4 hours for 3 days (12 hours of online training)
• Mode: Online - Microsoft Teams
• Cost: USD $150 for Non ISC2/ISACA Members, USD $120 for ISC2/ISACA Members
• Registration link: https://bit.ly/3AhErjW
Below is the course outline of the training for your reference.
Certified Web Application Security Professional (CWASP) – 3 Days course contents
Session 1: Introduction & Case Studies
• Introduction to Web Applications & Web Application Architecture.
• HTTP Protocol Basics.
• HTTP Attack Vectors
• Introduction to Application Security.
• Application Security Risks.
• Case Studies.
Session 2: OWASP Top 10 2017 RC2
• What is OWASP
• OWASP Top 10
• The ‘OWASP Top 10’ for WebAppSec
• A1-Injection
• A2-Broken Authentication
• A3-Sensitive Data Exposure
• A4-XML External Entities (XXE)
• A5-Broken Access Control
• A6-Security Misconfiguration
• A7-Cross-Site Scripting (XSS)
• A8-Insecure Deserialization
• A9-Using Components with Known Vulnerabilities
• A10-Insufficient Logging & Monitoring
• Countermeasures of OWASP Top 10 2017 RC2
Session 3: Beyond OWASP
• CSRF
  • Understanding the vulnerability
  • Discovering the vulnerability
  • Attacking the Issue
  • Impact & Countermeasure
• SSRF
  • Understanding the vulnerability
  • Discovering the vulnerability
  • Attacking the Issue
  • Impact & Countermeasure
Session 4: API Insecurity
• API Insecurity
• Introduction to API & API Security
• SOAP vs REST
• Case Studies
• Common API Vulnerabilities
• API Assessment Approach
• How to stop API Attacks?
Session 5: Practical Tips for Defending Web Application & API
• Common Mistakes in Development
• Security Best Practices for Web Application & API Security
• Secure SDLC
• Threat Modelling
• Source Code Review
• VAPT
Please indicate your interest in participating, and do advise if you require any further information; I will be very happy to assist you.
Thank you and I look forward to your participation.
Regards,
Pushpanjali
Training Consultant
Email: pushpanjali.s@niiconsulting.com
Website: www.niiconsulting.com
Network Intelligence (I) Pvt. Ltd.
Institute of Information Security
New York | Dubai | Mumbai | Singapore