thePHP.cc

Web Security 360

When applications on the Internet are exposed to potential attacks around the clock, security must not play a merely secondary role. This is true not only for business-critical applications, but also for any processing of personal and confidential data. Even if applications don't seem particularly important or worth protecting, security vulnerabilities make them a gateway for attacks from inside and outside.

Building on the OWASP Top 10, Security by Design, IT-Grundschutz, and GDPR compliance, the training covers numerous other important aspects of web security, including authentication mechanisms such as WebAuthn and best practices for designing and implementing secure APIs.

The content and focus of the training is continuously updated to take new developments in security research and new attacks into account.

Learning Objectives

Target Audience

This training is designed for developers, DevOps, and other stakeholders who want to build and operate secure web applications or need to increase the security level of existing applications.

Requirements

Basic knowledge of PHP or a similar programming language is required, as well as experience in creating or running web-based applications.

Web Security 360: 1980,- EUR, 20 Credits

12 online sessions of 120 minutes each

  1. XSS & Content Security Policy

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Cross-site scripting can be effectively prevented, not least through the use of a content security policy.

  2. Injection Attack

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Whether accessing the database or using external services: does your application cope with manipulated inputs and outputs?

  3. Security-relevant headers

    Duration: 120 minutes

    198,- EUR
    2 Credits

    For optimum security, browsers today expect a large number of additional headers. Arne Blankerts shows which ones you should be aware of.

  4. Attacking the session

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Session confidentiality is a fundamental core element of most web applications. It's high time to protect it properly.

  5. Transport Security

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Today, nothing works without encrypted transmissions. Arne Blankerts shows how to properly secure servers and interfaces with TLS and co.

  6. Authentication

    Duration: 120 minutes

    198,- EUR
    2 Credits

    A modern login involves more than just a classic password request. Learn how to implement a secure login.

  7. Authorisation

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Insufficient access protection, privilege escalation, or indirect, unauthorised access: learn how to avoid authorisation errors.

  8. Cross-Origin Resource Sharing (CORS)

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Cross-Origin Resource Sharing is a standard mechanism for the controlled integration of distributed web applications. Learn how to implement it correctly and securely.

  9. API Security

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Automated interfaces accessible via the internet require a special level of security. Learn what to look out for during API development and operation.

  10. GDPR & Co

    Duration: 120 minutes

    198,- EUR
    2 Credits

    The GDPR places high demands on the security of servers, applications and data storage. Learn how you should set up your application so that you don't run into any problems with the GDPR.

  11. On the way to production

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Secure deployment and management of access data: Just two of many questions on the way to live operation.

  12. After the launch

    Duration: 120 minutes

    198,- EUR
    2 Credits

    Whether patch management or monitoring, there are many things you should pay attention to in addition to further development during operation.

Your Trainer

Arne Blankerts has solutions ready before others have even understood the problem.

Exclusive and customized?

We are happy to conduct any training exclusively online ("in-house") for you. We adapt the content and focus to your specific wishes and needs and optionally work with examples directly from your code base.

Book training

    Education Flat Rate

    This training can also be attended as part of our education flat rate.

    Are you already a customer of our education flat rate? Then please register for this training via the dashboard. Please contact us if you do not yet have access to your dashboard.

    Not yet a customer of our education flat rate? Then you can find all the information you need here.

    Our offer is aimed exclusively at companies.

    All prices are subject to the statutory VAT applicable at the time of invoicing.

    After we receive your booking, you will receive your invoice from us the next working day and we will contact you by email to request the contact details of the participants.

    We use the data collected via this form exclusively for contract processing.

    Price per participant and subject to the statutory VAT applicable at the time of invoicing.