Web Application Security Fundamentals -OWASP Top 10

Provided by

Enquire about this course


The OWASP Top 10 is the industry standard for secure web applications. Globally recognized as the first step towards more secure web application environment. Companies can adopt this standard and start the process of ensuring that their web applications defend against these risks. Learn how to hack the OWASP Top 10 web application vulnerabilities and then how defend your web applications on this interactive & hands-on course.


Day 1
  • Web Application Fundamentals
  • Cloud Architecture
    • Micro Services
    • Dockers & K8's
  • Cyber Security
  • The Hack Chain
    • Recon
    • VulScan
    • Exploit
    • Payload
    • Hack
  • Web App security issues
  • Web vulnerability scanning
  • Secure SDLC
  • DevOps & DevSecOps
Day 2 & 3
  • The OWASP Top 10 learn how to hack & protect each topic with in-depth explanations, live demo's & hands-on labs:
  • Injection
  • Broken Authentication
  • Sensitive Data
  • XML External Entities (XXE)
  • Broken Access Control
  • Security Misconfiguration
  • Cross-Site Scripting (XSS)
  • Insecure Deserialization
  • Using Components with Known Vulnerabilities
  • Insufficient Logging & Monitoring
  • Overview

    This course focuses on common web security attack vectors, how attackers exploit them, and how to prevent the exploits. It introduces the gold standard in open source, web application security: OWASP. Considered the industry standard security resource, OWASP provides tools, standards, guides and much more. Using the OWASP Top 10 is perhaps the most effective first step towards changing the web application security posture of your organisation and this course teaches you the skills you need to master it. Learn through hands-on labs how to exploit web security vulnerabilities and defend against them on the Web Application Security Fundamentals OWASP Top 10 course.

    The Programme

    2 Vulnerable web applications, WebGOAT and Juice Shop, are used to provide 100's of detailed, step-by-step web application hacking labs. Delegates require a suitable Windows 10 laptop with local administrator access to run the labs locally using Docker containers. Full lab setup and introduction to WebGOAT and Juice Shop is covered at the start of the event.


    System administrators, software developers, systems engineers, network engineers, SOC analysts, technical architects, security specialist and other technically capable roles requiring a solid understanding of web application security.

    Similar courses


    Start date Location / delivery
    No fixed date Live Online Book now

    Related article

    Nemstar have recently announced a free webinar for candidates interested in finding out about EC Council SOC Analyst CSA course.