Educational Services Course Information SPI Dynamics Headquarters 115 Perimeter Center Place, N.E. Suite 1100 Atlanta, GA 30346 Toll-Free: 1.866.SPI.2700 (1.866.774.2700) Telephone: (678) 781.4800 Fax: (678) 781.4850 Course Name: Includes WebInspect Certification Format: Course Goal: Instructor Led; Classroom Web Application Security Assessment Using a combination of manual and automated investigative techniques, students will learn to perform comprehensive Web application security assessments and identify unique Web application security vulnerabilities, including source disclosure, hidden content, SQL Injection, Cross-Site Scripting and various forms of parameter manipulation. This course is designed for security practitioners with direct responsibility for web based application security. Beginning with a comprehensive overview of Web application security the student is introduced to a variety of discrete (SPI Toolkit) tools and techniques for identifying and validating vulnerabilities on target websites. Tools include SPI Proxy, HTTP Editor, Encoders, SQL Injector and WebDiscovery. Day two is a comprehensive course on deploying and using WebInspect in a variety of assessment environments and modes. On day two we use WebInspect to scan our target site(s) and the tools from day one to perform more discrete analysis and validation of the vulnerabilities. The third day is an "assessment challenge" comprising a series of labs in which students apply everything they know using both manual and automated approaches to isolate, identify and exploit vulnerabilities on a series of target sites. Learning objectives for this course include: Using the SPI Dynamics Tool Kit Manual security assessment techniques Detecting and explaining specific vulnerabilities Automated Assessments Using WebInspect Interpreting assessment results Recommendations for remediation Audience: Description: Duration: Availability: To Register: 3 Days Please see the online registration for scheduled dates and locations. Please contact education@spidynamics.com for scheduling information. Please contact education@spidynamics.com to register.