Course Description
Web applications rely on numerous underlying infrastructure components including PKI. Discover the overall web application ecosystem with a focus on the OWASP Top 10 for 2017.
Learning Objectives
OWASP: Top 10 & Web Applications
- identify common web application security issues and their impact, including embedded web apps in IoT devices
- define how tools such as Nmap, Metasploit and Nessus can be used for benign and malicious purposes
- recognize how the OWASP Top 10 helps to secure web applications
- recognize OWASP security tools
- identify common web application architecture and development techniques and the role that clients and servers play
- recall how TLS supersedes SSL and tools such as SSL Labs can test PKI implementations
- recognize how PKI certificates can enhance web application security
- configure an HTTPS binding for a Microsoft IIS web site
- configure a Microsoft IIS web site to require client certificates
- configure an HTTPS binding for a Linux Apache web site
- scan a public Internet site's PKI configuration to determine the security posture of the site
- implement measures to secure the web application environment