OWASP

Service Description

What’s Covered in OWASP Security Training? Pheniix’s OWASP offering covers the most recent Top 10 risk assessment, which was released in 2017. These risks include: Injection: Injection flaws such as NoSQL,SQL,OS and LDAP allow attackers to gain privileged access by sending untrusted data as part of a common query. Learn to identity and remediate injection risks with our OWASP offering. Broken Authentication: Improper authentication lets attackers gain access to network services or spoof user accounts. Training from Pheniix helps IT pros find and mitigate authentication issues. Sensitive Data Exposure: Web apps and third-party APIs don’t always protect data in transit or at rest. Improved knowledge of encryption and obfuscation reduces the chance of a critical data breach. Broken Access Control: Permissions and restrictions are necessary to ensure corporate application access is effectively gated and controlled. Improper deployment and enforcement, however, can lead to serious security issues. Our OWASP coursework helps IT pros identify access concerns before they put users (and data) at risk. Security Misconfiguration: The most commonly-seen issue on OWASP’s Top 10, security misconfiguration is often the result of limited (or absent) infosec policy. Learn how to create and implement effective security controls, schedule regular upgrades and assess current configurations. Cross-Site Scripting (XSS): Still one of the most popular threat vectors, XSS attacks occur whenever apps use untrusted data in a new web page without proper permission. Pheniix's OWASP training can help IT pros recognize and mitigate common XSS risks. Insecure Deserialization: Deserialization flaws can lead to remote code, replay, injection and privilege escalation attacks. Learn to spot these flaws before they cause serious harm. Using Components with Known Vulnerabilities: Given the sheer number of apps now used by organizations, it makes no sense to build applications from the ground up. The solution? Open-source and third-party APIs and other components that permit common functions. The risk? Known (and unknown) vulnerabilities that can compromise privileged applications to cause data loss or server takeover. Pheniix training helps infosec experts balance speed and security in enterprise application deployment. Insufficient Logging and Monitoring

Cancellation Policy

Please read our policy before anything else! https://www.pheniix.com/impressum For cancellations, please contact us at least 48 hours in advance to avoid being charged. Best regards, Pheniix

Contact Details