Friday, 21 August 2015

CAST-613 Advanced Application Security from EC-Council

CAST-613 is a well-known global certification from EC-Council.

Hardening Your Own Corporate Web App/Web Site

We normally focus on securing all the devices connected to our network.
We continuously monitor the traffic going in and out of the network and do regular VA/PT, auditing and patching the vulnerabilities we find.

BUT we forget to pay attention to application-level attacks.
We need to secure our applications, write secure code and make it tough for hackers to get inside the application.
This lets us protect the information in the database, which should not be exposed.

So here comes the CAST-613 Advanced Application Security course in India.
QUIK is the first institute to take the initiative to create more awareness, to do hard-core manual testing vs. automated testing, and to show the path towards secure data by providing good education.

CAST-613 is different because we have 3 sites hosted on Amazon:
one is a vulnerable site, the second is a secure site and the third is an attacker site.
WOW... Until you do the labs, you cannot feel it.

The OWASP Top 10 and the Top 25 errors are very important to map to PCI-DSS controls.
 
The course introduces the vulnerable website, then covers monitoring and composing requests using a common proxy such as Fiddler, Paros or Burp Suite, and modifying requests and responses in Fiddler to change what goes out and what comes in before the browser renders it.

We need to understand XSS, SQL injection, CSRF and clickjacking attacks, which make it very easy for a hacker to spoil the site and insert malicious code.

So, BE SECURE... SECURE CODE.

HOPE YOU ALL ENJOY READING... This is my first blog, written on demand of my students, and I will keep writing on lots of topics.

Thanks to all my students who have encouraged me to write.


Geeta Singh
