As an operator of web-based applications, you are always exposed to the risk of cyberattacks. Therefore, it is important to thoroughly address the topic of security. In this training, you will learn about various attack vectors on applications and which countermeasures you can take. You will also receive extensive background information on motivation and legal aspects.
Virtualized infrastructure also requires considerable attention. For example, certain rules have been established for the operation of Kubernetes clusters and Docker containers that lead to greater operational security. Databases and NoSQL are also discussed.
The ‘Cloud & Application Security‘ seminar is aimed at web application programmers. The Cloud Security section is aimed at developers working in the areas of DevOps and configuration management. The course content can be tailored to your specific needs via a free preliminary consultation, lasting from 2 to 4 days.
The course is conducted entirely virtually/remotely and can also be booked individually for closed groups or individuals. If you’re interested in the course content, schedule a free consultation today. Each attendee receives a login with access to all paid articles for 12 months.
Content:
- Security as a Non-Functional Requirement
- Legal Framework
- Cybercrime & Cybersecurit
- Expliots, Zero Day & Buffer Overflow
- An Example: Log4J
- 3rd party libraries
- Parallelization & Race Conditions
- OWASP Top 10 Threats
- The Hypertext Transfer Protocol (HTTP)
- Secure Shell (SSH)
- TLS & HTTP(S) Redirects
- General Data Protection Regulation (GDPR)
- Cryptography & Key Exchange
- Authorization & Authentication
- OAuth2, OpenID Connect & SAML2
- API Securi
- Hash Methods and Password Security
- Attack Vectors
- Parameters, Variables & Forms
- Sessions, Cookies & How to Generate Randomness
- Preventing SQL Injections
- Content Security Policy
- DevSecOps
- Cloud
- Kubernets
- Docker
- Linux