Crash Course Series

Defending Against the Most Common/Critical Web Application Vulnerabilities

Register Now!

Crash Course Series

This new Crash Course webinar training series will focus on defending against common/critical web application vulnerabilities, starting with secure design and coding practices. The series give you a better understanding of defensive tactics you can use to secure your apps against exploitation.

Throughout the course, you will learn using real-world examples taught by the senior trainer who runs the WhiteHat Academy for our Threat Research Center.


Technical Topics

Sensitive Data Exposure: Introduction to web application security concepts, Testing Methodologies,Threat Modeling, the Reconnaissance Phase of Testing, Information Leakage, Fingerprinting, Directory Indexing, and Server/Application Misconfiguration

Injection-Based Vulnerabilities: Improper Input Handling, SQL and XML Injection, Injection in Conjunction with Social Engineering, Cross Site Scripting, Content Spoofing, and URL Redirector Abuse

Broken Authentication/Access Control: Brute Force, Insufficient Authorization/Authentication, Insufficient Session Expiration, Session Prediction, and Cross Site Request Forgery


Who Should Attend

  • Application developers, security analysts, architects, managers, or auditors
  • Any security professionals interested in learning more about how web application security is key to vulnerability management


Register for a single course or the entire webinar series. Each webinar is two hours long. Attendees will receive a Certification of Completion for CPE credits after each session.

Part 3: Broken Authentication/Access Control
Tuesday, June 5, 2018 at 10:00am PT

  • Brute Force
  • Insufficient Authorization
  • Insufficient Authentication
  • Insufficient Session Expiration
  • Session Prediction
  • Cross-Site Request Forgery


Kimberly Chung

Application Security Engineer
WhiteHat Security