   info@zetlantechnologies.com        +91-8680961847


GIAC Certified Web Application Defender (GWEB)

Practitioner Certification

The GIAC Web Application Defender (GWEB) certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common web application errors that lead to most security problems. The successful candidate will have hands-on experience using current tools to detect and prevent input validation flaws, cross-site scripting (XSS), and SQL injection as well as an in-depth understanding of authentication, access control, and session management, their weaknesses, and how they are best defended. GWEB candidates have the knowledge, skills, and abilities to secure web applications and recognize and mitigate security weaknesses in existing web applications.






Areas Covered


Who is GWEB for?


Exam Format

Note: GIAC reserves the right to change the specifications for each certification without notice. Based on a scientific passing point study, the passing point for the GISF exam has been determined to be 72% for all candidates receiving access to their certification attempts on or after June 12th, 2018.

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE.

Course Details

1. GIAC Certified Web Application Defender

  • Access Control
    • The candidate will demonstrate understanding of access control attacks and mitigation strategies, as well as how to apply best practices to avoid access control issues.
  • AJAX Technologies and Security Strategies
    • The candidate will demonstrate an understanding of Asynchronous JavaScript and XML (AJAX) architecture, common attacks against AJAX technologies and best practices for securing applications using AJAX.
  • Authentication
    • The candidate will demonstrate understanding of web authentication, single sign on methods, third party session sharing and common weaknesses, as well as how to develop test strategies, and apply best practices.
  • Cross Origin Policy Attacks and Mitigation
    • The candidate will demonstrate an understanding of methods attackers use to circumvent single origin policy enforcement and best practices for preventing, detecting or mitigating these attacks in web applications.
  • CSRF
    • The candidate will demonstrate understanding of the conditions that make a CSRF attack possible, the steps an attacker takes and how to mitigate CSRF attacks.
  • Encryption and Protecting Sensitive Data
    • The candidate will demonstrate understanding of how cryptographic components work together to protect web application data in transit and in storage and also when and where to use encryption or tokenization to protect sensitive information.
  • File Upload, Response Readiness, Proactive Defense
    • The candidate will demonstrate an understanding of incident response as well as file upload, logging, and anti-automation issues.
  • Input Related Flaws and Input Validation
    • The candidate will demonstrate understanding of SQL injection, cross-site scripting, HTTP response splitting, and how to protect against them with proper input validation.
  • Leading Edge Technologies and Web Security
    • The candidate will demonstrate an understanding of leading edge web application security issues and technologies.
  • Modern Application Framework Issues and Serialization
    • The candidate will demonstrate understanding of miscellaneous security technologies and techniques associated with web application security including REST, Java Frameworks, Serialization, and Browser Defense.
  • Security Testing
    • The candidate will demonstrate an understanding of how to detect and respond to incidents and conduct security testing in the web application environment.
  • Session Security & Business Logic
    • The candidate will demonstrate understanding of what sessions are, how to test and mitigate common weaknesses, and how to properly implement session tokens and cookies in a web application as well as security issues associated with business logic.
  • Web Application and HTTP Basics
    • The candidate will demonstrate understanding of the building blocks of web applications and how components work together to provide HTTP content as well as high level attack trends.
  • Web Architecture and Configuration
    • The candidate will demonstrate an understanding of web application architecture and controls needed to secure servers and services that host web applications.
  • Web Services Security
    • The candidate will demonstrate an understanding of Service Oriented Architecture (SOA), common attacks against web services components (SOAP, XML, WSDL, etc) and best practices for securing web services.


Fees Structure : 15500 INR / 185 USD
Total No of Class : 32 Video Class
Class Duration : 30:00 Working Hours
Download Feature : Download Available
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Friday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)


Fees Structure : 30000 INR / 355 USD
Class Duration : 60 Days
Class Recording : Live Class Recording available
Class Time : Monday to Friday 1.5 hours per day / Weekend 3 Hours per day
Technical Support : Call / Whatsapp : +91 8680961847
Working Hours : Monday to Friday 9 AM to 6 PM
Payment Mode : Credit Card / Debit Card / NetBanking / Wallet (Gpay/Phonepay/Paytm/WhatsApp Pay)
