Security is paramount when developing applications for the web. Every year we hear about high profile companies losing sensitive data to intruders, and mainly compromises originate from their web presence. The best way to achieve a truly secure web application is to build that application with security in mind from the start. Join us as we investigate common mistakes and failing in web security, and teach you how to build truly secure web applications from the ground up.What Will You Learn?After completing this course, you will be prepared to incorporate standard, best practice security measures into your PHP applications. You will be able to identify the most common types of vector attacks and industry experienced vulnerabilities allowing you to monitor and fortify your application code against them.What Will You Be Able to Achieve?Building truly secure web applications with confidence and aptitude.Ensure that your application and company avoid an embarrassing hack or data breach.Be sure that you understand and can mitigate the most common web security failings, and understand why “Security First” is the best possible way to code.Read our Frequently Asked Questions for more information.AudienceThis course is designed for intermediate to experienced PHP application developers who are looking to enhance their skills and be able to learn or implement security best practices. It is also appropriate for intermediate PHP and professional developers who are interested in studying early on how to build security into the applications as part of their learning process.PrerequisitesBasic to advanced knowledge of PHP 5 is recommended including experience developing PHP 5 applications. Class FormatThis online class provides instructor-led 2 hour long lectures coupled with practical examples and student exercises. You will be given a participant course guide, to help you follow along with the lectures and exercises, as well as the solution code to the security practice application. This class can be also delivered by an instructor on site.Registration, Terms, and ConditionsTraining registration and policies.Training terms and conditionsClick the button below to register for this class at any of our regular posted dates and times.$695.00BUY NOWIf you have any questions, please contact us at [email protected].Class ScheduleOur class schedule is updated regularly. Click below to view the upcoming class schedule or to inquire about unlisted dates or times.VIEW SCHEDULE REQUEST NEW DATE AND TIMESpecial Offer: Interested in taking additional classes and achieving certification? Check out our bundle discount and save more! We recommend:A-Zend for Experienced PHP Programmers BundleNote: After you have purchased your Zend online training course, you will receive an email detailing the registration process.If you have any questions please contact us at [email protected].Class OutlineConceptsWhat is SecurityDefense in DepthBasic Security RulesBuilding Secure Web Applications GuidelinesOpen Web Application Security Project (OWASP)Web Application ExploitsRisk ManagementInjectionAttacksSQL InjectionXSS InjectionCross-site forgeries (CSRF)Brute ForceBroken Authentication and Session ManagementInsecure Direct Object ReferencesSecurity MisconfigurationInsufficient Cryptographic StorageMissing Function-Level Access ControlUsing Components with Known VulnerabilitiesInvalidated Redirects and ForwardsPreventionSecure ConfigurationAuthentication TechniquesPassword Cryptography Hermetic Filtering/Validation/Escaping TechniquesHandling Asynchronous Web Calls (AJAX)Lock down Database SecurityEmploying Access Controls and Handling Account Lockouts (ACL)White Listing TechniquesUsing an API Framework (Apigility)Creating a Standard Review ProcessCaptchas, Tokens and Session ManagmentCryptographic Storage TechniquesExtension EvaluationSecuring File UploadsLoggingWeb Server SecurityResourcesAdditional Learning ResourcesSecurity StandardsPenetration TestingPerformance Tools
