Improving Web Security for Web Developers


Course Facts

  • 2 day course
  • Our Trainers are Authorised Professionals
  • Live Online or Classroom-based
  • Certificate of completion
  • Maximum class size of 6 for scheduled courses
  • Unlimited support after your course
  • Courses at all levels: Introduction, Intermediate, Advanced and Masterclasses

Course Outline

  • What is web security?
  • Delegates will learn how to identify:
  • Who poses a security risk
  • Security Breach Targets and Techniques
  • Target areas
FULL OUTLINE

Private One-to-One Training

One-to-one tuition tailored to your exact requirements. Your choice of duration, dates and content.

Enquire Now

Team Training for Companies

Group bookings provide you with the most cost-effective way to train your team.

Enquire Now

Team Training and Bespoke Sessions

Booking a private training session allows you to focus on your exact needs on dates that work best for you or your team.

  • Sessions can be run online or in person, on your site or at our London training centre.
  • We manage training for many of the UK’s largest companies, taking care of all the admin, working with you to ensure the perfect course.
  • Our expert trainers will first understand your requirements and then tailor each session to your exact specification.
  • We offer a free consultation service to work out every detail of your course.

Prices for bespoke sessions with our expert trainers start at £525 + VAT.

Overview

The course introduces junior and middleweight web developers as well as project managers to the concepts of web security in order to minimise the risks posed by website security breaches to both organisations and the public. From an introduction to security breach issues, through to a review of security coding strategies and practical workshops, delegates will gain an extended knowledge to help them build web applications that are safer for both the organisation, its clients and the public to use.
Read More...

Course Outline

What is web security?

  • From a non-technical perspective, this section of the course will expose the delegates to the different issues surrounding web security, including identifying who may cause a security breach, the situations that may lead to a security breach and an identification of the methods that can be used to eliminate the majority of security breaches.

Delegates will learn how to identify:

Who poses a security risk

  • Different security breach levels of a web system
  • Potential consequences of security breaches
  • Types of web security solutions
  • How to strike a balance between security and functionality

Security Breach Targets and Techniques

  • During this section of the course, delegates will learn the 3 main areas that a website can be attacked and the methods that a hacker can use to manipulate a website or web system into providing unauthorised access or alteration of information. Delegates will learn about:

Target areas

  • Databases
  • Server scripts
  • Front-end

Techniques

  • SQL Injection
  • XSS (Cross Site Scripting)
  • E-mail Injection
  • FTP
  • Form Spoofing

Security Coding Strategies Workshop

  • This section of the course will be used to engage delegates in using the previously identified security breach techniques in developing a real application, showing how the system can be manipulated by the previous hacking techniques and how security can be efficiently built into the code.

SQL Injection

  • By-passing a user sign-in form without using a password
  • Finding information about a database structure by using SQL injection to cause errors that reveal information about table names and their fields
  • Methods and design patterns to eliminate SQL injection

E-mail Injection

  • Hijacking and sending an e-mail to multiple people from a contact form
  • Protecting against e-mail injection

XSS (Cross Site Scripting)

  • Stealing of passwords and session hijacking
  • Methods and code patterns to protect against cross-site scripting.

Form Spoofing

  • Ordering a product from an e-commerce shop without making payment
  • Developing processing scripts that will only accept information sent from trusted IP addresses
  • Creating encrypted authentication keys based on a mixture of fixed and variable information such as a system password, user provided name and IP address

Multi-location Storage Strategy

  • Storing information across multiple server locations to minimise the effect of security breaches
  • Developing an API based framework to allow a system to be stored across multiple servers and use multiple databases to obtain store information

Our Clients

Our Recent Success Stories

InDesign Training

InDesign

Cassie's Story

Designer at Dixon Interiors

Photoshop Training

Photoshop

Kiren's Story

Marketing Manager at Dataminer

eLearning Training

eLearning

Julie's Story

Learning Technologist at Imperial College

30 years working with our clients
Five Star Training Five Star Training Five Star Training Five Star Training Five Star Training   600+ Reviews

Why Transmedia?

Unlimited Training Support

We offer unlimited training support after your course.

Bespoke Training Solutions

Customised training and software solutions based on your exact specification.

Worldwide Creative Skills Training

Join our authorised training courses live online from anywhere in the world.

Authorised Training Professionals

Our experts are accredited by Adobe, Apple and Claris and bring years of experience and real-world expertise.

Courses Live Online

Join our virtual classrooms to learn from the comfort of your own space in real time from our accredited training experts.

SEE COURSES

Classroom Training

Join us at one of our Authorised Training Centres for a traditional classroom-based experience.

We have everything ready for you to have the best training experience.

SEE COURSES

Private Courses

One-to-one tuition or a private group training with just you or your colleagues.

We can train you live online, at one of our centres or onsite, wherever you are located.

SEE COURSES

Latest Help Station Articles