Voice Search
Voice Search

Securing Web Applications, Services and Servers Training - Classroom


Rated 9.2 out of 10 based on over 6708 reviews

Free course advice
Learn more about how we use your data

What is the Securing Web Applications, Services and Servers Training course?

The Securing Web Applications, Services and Servers course, will provide you with an in-depth, interactive experience, helping you to learn more about securing Web-based applications and the servers they’re run on.

Throughout this course you’ll gain the knowledge required to integrate robust security measures into a web application development process, through adopting tried and tested architectures and best practises.

Available delivery methods for this course


Key features of the course

  • Delivery Method: Classroom
  • Accredited & Experienced Trainers
  • Duration: 4 Days

Browse classroom dates below






Location Date Duration Price Availability
Live OnlineApr 14th 2020  4 Days£1,995 ex. VATAvailable
Enquire now
Book now
LondonMay 4th 2020  4 Days£1,995 ex. VATAvailable
Enquire now
Book now
Live OnlineMay 4th 2020  4 Days£1,995 ex. VATAvailable
Enquire now
Book now

Is the Securing Web Applications, Services and Servers Training course right for me?

While there are no prerequisites to enrol on this course, having a basic knowledge of website application operation and website server administration is assumed.

You should also have a basic understanding of website browser and server operation, session management and ideally some basic HTML experience.

Why Choose e-Careers?

e-Careers has partnered with The Learning Tree, to offer a range of courses, delivered via high-tech classrooms or virtual learning, depending on your requirement.

We are an award-winning, established eLearning course provider, with over 16 years’ experience in the industry.  We offer high-quality training courses at competitive prices.

What will I learn on this course?

Throughout this course you’ll learn how to implement and test secure website applications in your business and identify, diagnose, and remediate the OWASP top ten website application security risks.

You’ll also learn how to configure a website server, encrypting website traffic with HTTPS and know how to protect Ajax-powered applications. Finally, you’ll discover how to prevent JSON data theft and understand how to secure XML website services with WS-Security.

Classroom-based Training 

 e-Careers were originally an online learning organisation but over time we’ve established additional learning methods, to provide our delegates with a variety of study options, including:

  • Bespoke training
  • Classroom-based training
  • On-site training
  • LiveOnline (virtual learning)

The Classrooms

Our classroom training centre is in London, Euston, conveniently located directly opposite Euston station, making transport and accessibility easier.

Our clean, high-tech classrooms provide a comfortable learning environment for our delegates, and we pride ourselves on providing a first-class training experience. You’ll notice this from your first steps in our London training centre, right through to your last day on the course, helping you to feel welcomed and comfortable. 

Each classroom has been designed to perfectly suit the courses being offered. For example, our Cyber Security classrooms come kitted out with a range of high specification PC’s (typically i7’s), with monitors for you to work through the practical assignments and an additional vertical screen to view your digital course materials.

Your instructor will use cutting-edge technology to ensure a high-quality learning experience for all delegates, including the latest annotation hardware and software.  

Alternatives to Classroom-based study

We understand that not every delegate has the same date availability or can’t make it to London, so we have created a range of suitable alternatives, including:  

  • LiveOnline – This is our virtual classroom option. Be a fully participating and integrated member of the classroom but from the comfort of your own home or office. We supply you with a headset (to enable you to speak with the class and course instructor), course materials and everything you need to fully participate with the class. 
  • eLearning – This is our Online/ Distance learning option. If a classroom or LiveOnline option are unsuitable for your requirements, we do offer a full online course option, where you can study at your own pace and in your own time.

Module outline

Module 1 – Setting the Stage

  • Defining threats to your web assets
  • Surveying the legal landscape and privacy issues

Module 2 – Establishing Security Fundamentals

  • Modelling web security
    • Achieving Confidentiality, Integrity and Availability (CIA)
    • Performing authentication and authorisation
  • Encrypting and hashing
    • Distinguishing public– and private–key cryptography
    • Verifying message integrity

Module 3 – Augmenting Web Server Security

  • Configuring security for HTTP services
    • Managing software updates
    • Restricting HTTP methods
  • Securing communication with SSL/TLS
    • Obtaining and installing server certificates
    • Enabling HTTPS on the web server
  • Detecting unauthorised modification of content
    • Configuring permissions correctly
    • Scanning for file–system changes

Module 4 – Implementing Web Application Security

  • Employing OWASP resources
    • The Open Web Application Security Project (OWASP) top ten
    • Remediating identified vulnerabilities
  • Securing database and application interaction
    • Uncovering and preventing SQL injection
    • Defending against an insecure direct object reference
  • Managing session authentication
    • Protecting against session ID hijacking
    • Blocking cross–site request forgery
  • Controlling information leakage
    • Displaying sanitized error messages to the user
    • Handling request and page faults
  • Performing input validation
    • Establishing trust boundaries
    • Removing the threat of Cross–Site Scripting (XSS)
    • Exposing the dangers of client–side validation
    • Implementing robust server–side input validation with regular expressions

Module 5 – Enhancing Ajax Security

  • Ajax features
    • Identifying core Ajax components
    • Exchanging information asynchronously
  • Assessing risks and evaluating threats
    • Managing unpredictable interactions
    • Exposing Ajax vulnerabilities

Module 6 – Securing XML Web Services

  • Diagnosing XML vulnerabilities
    • Identifying nonterminated tags and field overflows
    • Uncovering web service weaknesses
  • Protecting the SOAP message exchange
    • Validating input with an XML schema
    • Encrypting exchanges with HTTPS
    • Implementing WS–Security with a framework

Module 7 – Scanning Applications for Weaknesses

  • Operating and configuring scanners
    • Matching patterns to identify faults
    • "Fuzzing" to discover new or unknown vulnerabilities
  • Detecting application flaws
    • Scanning applications remotely
    • Finding vulnerabilities in web applications with OWASP and third–party penetration testing tools

Module 8 – Best Practises for Web Security

  • Adopting standards
    • Reducing risk by implementing proven architectures
    • Handling personal and financial data
  • Managing network security
    • Modelling threats to reduce risk
    • Integrating applications with your network architecture

We’re trusted by

Individuals, small businesses and large corporations who have used e-Careers since 2001. Here are some names you’ll recognise:

Saatchi & Saatchi
American Express

Do you know someone who’d love this course? Tell them about it...