בניית יישומים מאובטחים
Although application security is a relative old subject, most of the focus till few years ago was on securing the network infrastructure (e.g. firewalls, VPNs etc.), and the servers Operating Systems (e.g. patch management systems). In the last years focus has been shifted from the network and the infrastructure to the application layer. This is due to the fact that the infrastructure (i.e. network and OS) security has improved significantly while applications have remained vulnerable, and the application layer has become the main target of attacks. (Most of the cyber attacks today are exploiting application layer vulnerabilities.)
In the course we will learn the different aspects of application security including authentication, authorization, auditing and logging, as well as the existing technologies, standards, and best practices addressing these security requirements. In addition, we will learn how to build secure applications and prevent application layer vulnerabilities. We will analyze application layer vulnerabilities, explain how they are used by hackers to attack the application and/or the system, and discuss the secure coding best practices, and security testing tools used to present these vulnerabilities.
הנושאים שילמדו בקורס: