OWASP top 10 - API Security training

Hands-on security training on how to use the OWASP API Security Top 10. The most effective first step to improve software development processes and culture within your organization and minimize software risks.

OWASP Security Training Betabit

Security expertise is crucial

Open any newspaper or news app and you will be confronted with ominous news titles exposing the many software risks; digital hazards that organizations face on a daily basis. Data leaks, phishing, and ransomware attacks, caused by poor shielding, bugs, poor security, negligence, indifference or even ignorance. This means that security has become increasingly important in recent years. As a developer, you have to keep up, stay up-to-date, if you want to prevent yourself or your organization from becoming the next victim of one of the many risk factors.

To make developers and other stakeholders more aware of and to arm themselves against these risks, we have developed this training in which we highlight the most common security risks. And in particular, API Security strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs).

These most common risks have been identified by the Open Web Application Security Project in the OWASP top 10 and the API Security Top 10. We teach you, among other things, how you can apply the OWASP and API Security top 10 in your software development and ensure that the risks are being minimized.


What will you learn?

The OWASP top 10 and the API Security top 10 represent a broad consensus on the most critical security risks for web applications. There is a lot of overlap between the two and we combine the topics to offer you the most relevant, up-to-date training. We cover: 

  • Broken Object Level Authorization
  • Broken User Authentication
  • Excessive Data Exposure
  • Lack of Resources & Rate Limiting
  • Broken Function Level Authorization
  • Mass Assignment
  • Security Misconfiguration
  • Injection
  • Improper Assets Management
  • Insufficient Logging & Monitoring
  • Cross-site scripting XSS
  • Insecure Deserialization

Knowing and using the OWASP risks is perhaps the most effective first step to improve the software development processes and culture within your organization. In this training, we will therefore work hands-on with these topics.


What does the training entail?

We combine theoretical explanation with practical application. The vulnerabilities from the OWASP top 10 are explained in detail, after which you get to work hands-on in small groups, under the guidance of our trainers. We use a modern application in which we actively look for vulnerabilities. After each assignment, we discuss what has been found, what the cause is, and how we can solve this.

The training takes 1 whole day and will take place online via Microsoft Teams. You can choose from one of these training days:

  • November 3, 2021: 9 AM - 5 PM
  • November 17, 2021: 9 AM - 5 PM
  • December 1, 2021: 9 AM - 5 PM

The training is given by one of our most experienced consultants and the Security Officer of YieldDD: Gerben van de Wiel. In addition, you may have seen him in one of our Betatalks.


Audience

The training is suitable for all developers, architects, and testers who want to know more about software risks, vulnerabilities in applications, and how hackers work in practice. In fact, if you are concerned with these vulnerabilities, knowledge of the OWASP top 10 is actually a must.

Participation costs: €695,- excl. VAT.

We have room for 15 participants per training day. Sign up below and we will contact you shortly.


Register now!


OWASP training

Questions? Johan is happy to help you



Watch our Betatalks episodes