• Online, Self-Paced

A number of high-level security controls such as web application firewalls and secure coding practices go a long way in securing web applications. Explore vulnerability scanning and penetration testing tools and procedures.

Learning Objectives

OWASP: Web Application Security

  • adhere to secure coding guidelines at all phases of the SDLC
  • describe how web application firewalls differ from traditional firewalls
  • configure a web application firewall for a Microsoft Azure web application
  • identify why malicious users and ethical hackers perform network and vulnerability scans
  • recognize the importance of conducting periodic penetration tests
  • perform a network scan using Nmap
  • perform a vulnerability scan using Nessus
  • test the security of a web application using OWASP ZAP
  • discover and test web application security

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.