[unisog] SANS Sec542 Web Pen Testing Course at Brown University

Fletcher, Robert Robert_Fletcher at Brown.edu
Sun Aug 30 21:55:10 GMT 2009


Monday, October 5, 2009 through Saturday, October 10, 2009, Brown University
will be hosting SANS Security 542 "Web App Penetration Testing and Ethical
Hacking."

About the class:

Web applications are a major point of vulnerability in organizations today.
Web app holes have resulted in the theft of millions of credit cards, major
financial and reputational damage for hundreds of enterprises, and even the
compromise of thousands of browsing machines that visited Web sites altered
by attackers. To learn how to prevent such exploits, students in this
intermediate to advanced level class, will:

* Learn the art of exploiting Web applications so they can find flaws in
their enterprise's Web apps before the bad guys do. Through detailed,
hands-on exercises students are taught the four-step process for Web
application penetration testing. 

* Inject SQL into back-end databases, learning how attackers exfiltrate
sensitive data.

* Utilize Cross-Site Scripting attacks to dominate a target infrastructure
in our unique hands-on laboratory environment.

* Explore various other Web app vulnerabilities in depth with tried-and-true
techniques for finding them using a structured testing regimen.

* In short, learn the tools and methods of the attacker, so that they can
become powerful defenders.

Recommended for:

General security practitioners, as well as Web site designers, architects,
and developers, who'll benefit from learning the practical art of Web
application penetration testing.


ADDITIONAL INFORMATION and REGISTRATION:

http://www.sans.org/providence09_cs/description.php?tid=3537


Bob Fletcher
IT Security Engineer
CIS Information Security Group
Brown University
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3094 bytes
Desc: not available
Url : http://lists.sans.org/pipermail/unisog/attachments/20090830/388dce41/attachment.bin 


More information about the unisog mailing list