- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
- Vendor Events
- Hotel & Travel Info
- General Info
- Faculty
- Vendor Expo
- Special Events
- SANS @Night
- Brochure (PDF)
Excellent, relevant, immediately useful information. I can't wait to get back to the office to try it out.
-Steve Zehl, USGS
Developer 538
2 Day Course
Upcoming Events
No Events Scheduled At This Time
Please Check Back
Click for Calendar of Events
Work Study opportunities still available for Software Security Series 2007. Please visit Work Study Facilitator Page to submit an application.
No matter your organization's size, budget, or regulatory environments, SANS courses are the best security dollars you can spend.- John Medic, ScriptPro
Intro to Pen Testing Web Apps
Please see the specific event details for Faculty Information.6 CPE Credits Per Day
This course is a hands on course, it is crucial that attendees follow the laptop requirements and bring their laptops to class ready to participate.
If your organization has a web application (who doesn't), it is probably under attack every single day. We regularly come across headlines of online retailers, social sites and banks' websites getting compromised. Successful attacks against websites using application level flaws are very common nowadays. Would you want hackers to be the first to test the security posture of your critical web applications? If you don't, security testing for web application during and after development is absolutely necessary. This two day course starts off with a discussion on software security testing and how it fits into the development lifecycle. We will discuss testing methodologies that are sensible and practical, so you can apply these testing concepts to any of your web applications.
Testing web applications manually can be very time consuming and not very practical. To ensure you feel confident about testing web applications, we introduce you to many web application security testing tools. We will fill your arsenal with the right tools to get the job done.
Throughout the two days, you will be using the testing concepts learned in class to test some vulnerable web applications. The target applications are as realistic as possible. The labs are structured so the novice and the intermediate students can both enjoy the learning experience . you will not be bored during the labs. This class gives you the know-how to test common vulnerabilities in web applications so you can hit the ground running when it comes to testing web application's security posture.
Course Prerequisites
This course assumes an understanding of web applications vulnerabilities. SANS SEC519 course (Web Application Security Workshop) or equivalent is highly recommended.
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy