Training OWASP – comprehensive security testing of web applications

Practical information about training

  • CATEGORY: Security
  • SUBCATEGORY: Governance, Risk and Compliance (GRC)
  • TRAINING CODE: SC-AB-43
  • DURATION: 3 days
  • PRICE INFORMATION from: 3750 PLN net per person
  • TYPE OF TRAINING: closed training
  • LANGUAGE OF TRAINING: polish
  • FORM OF IMPLEMENTATION: stationary, online

Training description

Advanced training covering the full range of web application security testing according to the OWASP Testing Guide methodology. The program focuses on practical application of testing techniques, vulnerability identification and methods for securing web applications. The workshop is implemented in the form of intensive hands-on classes, where participants work on real applications and test scenarios. The training methodology is based on a comprehensive approach to security testing, combining various techniques and tools.

Participant profile

  • Application security testers
  • Pentesters and security auditors
  • Security engineers
  • Web application developers
  • Security architects
  • DevSecOps Engineers
  • Cyber security specialists
  • Security analysts

Agenda

  1. OWASP testing methodology
    • OWASP Testing Framework
    • Security test planning
    • Categorization of vulnerabilities
    • Risk management
  2. Testing techniques
    • Configuration testing
    • Authentication tests
    • Validation of input data
    • Business logic tests
  3. Advanced testing methods
    • API Testing
    • Data layer security
    • Cryptography tests
    • Source code analysis
  4. Reporting and repair
    • Vulnerability documentation
    • Risk assessment
    • Remedial recommendations
    • Verification of amendments

Benefits

The participant will gain comprehensive knowledge of methodical testing of web application security in accordance with OWASP standards. Will develop practical skills in identifying and analyzing a wide range of security vulnerabilities. Will learn to design and implement testing strategies tailored to different types of applications and environments. Will master techniques for effectively detecting and documenting security vulnerabilities. Will be able to perform advanced security testing using professional tools and methodologies. Will gain the ability to formulate practical remediation recommendations and verify the effectiveness of implemented security features.

Required preparation of participants

  • Basic knowledge of application security
  • Knowledge of network protocols
  • Experience in software testing
  • Web application programming basics

Issues

  • OWASP Testing Guide
  • Web Application Security
  • Penetration Testing
  • Authentication Testing
  • Session Management
  • Input Validation
  • Access Control
  • Cryptography Tests
  • API Security
  • Source Code Review
  • Risk Assessment
  • Security Reports

Do you have any questions?
Feel free to contact us.

Justyna Kalbarczyk
+48 516 098 221
justyna.kalbarczyk@eitt.pl
31 Ząbkowska Street
03-736 Warsaw

Forms of training delivery

Stationary training

  • Training at the customer's premises or at a designated location
  • Training room equipped with the necessary equipment
  • Training materials in electronic form
  • Coffee breaks and lunch
  • Direct interaction with the trainer
  • Networking in a group
  • Workshop exercises in teams

Remote training

  • Virtual training environment
  • Electronic materials
  • Interactive online exercises
  • Breakout rooms for group work
  • Technical support during the training
  • Recordings of the session (optional)

Possibility of funding

The training can be financed with public funds under:

  • National Training Fund (KFS)
  • Development Services Base (BUR)
  • EU projects implemented by PARP
  • HR Academy Program (PARP)
  • Regional operational programs

If you are interested in funding, our team will help you prepare the required documentation.

HAVE A QUESTION?

+48 22 487 84 90

biuro@eitt.pl

Contact us for more information about our training, programs and cooperation. We will be happy to answer all your inquiries!

?
?
I have read and accept the privacy policy. *

They trusted us

MAN Truck & Bus Polska Sp. z o.o.
mBank S.A.
AGORA S.A.
Amway Poland
Aptitude
Atende S.A.
Atos Poland S.A.
Becton Dickinson Polska sp. z o. o.
Berner Polska Sp. z o.o.
Credit Information Bureau S.A.
BNP Paribas Polska S.A.
Bridgestone Europe S.A.
Capgemini
CEDC International Sp. z o.o.
Comtegra S.A.
ENERGA Information and Technology
General Directorate of National Roads and Highways.
ING Bank Śląski S.A.
Kredyt Inkaso S.A.
KPMG Ltd.
Leroy Merlin Polska Sp. z o.o.
SII Ltd.
Sopra Steria Polska Sp. z o.o.
Polska Wytwórnia Papierów Wartościowych S.A.
See more

Get to know our company

Who we are

We create
dedicated workshops

Team

A team of experienced
expert practitioners

Accreditations

We focus on the highest quality
training services

Do you have any questions?
Feel free to contact us.

Justyna Kalbarczyk
+48 516 098 221
justyna.kalbarczyk@eitt.pl
31 Ząbkowska Street
03-736 Warsaw

FAQ - Frequently Asked Questions

We offer training in a variety of tailored formats: onsite (at the client's location or our training center), live online interactive with a trainer, and in a hybrid format. Detailed information about the available delivery forms for a specific training is always included in its description on the website.
Open online trainings usually take place from 9:00 - 17:00 Polish time. In the case of closed trainings dedicated to companies, the schedule is flexible and we arrange it individually with the client to best fit the needs of the organization.
We use proven and popular video conferencing platforms, such as Microsoft Teams and Zoom, to conduct interactive online training. They provide seamless communication, the ability to work in groups and direct contact with the trainer. We provide information about the platform used in a specific training to participants before the training begins.
To comfortably participate in the online training, all you need is a standard computer (desktop or laptop) with stable internet access and an up-to-date version of a web browser installed. We recommend using headphones with a microphone for better sound quality and communication, although this is not absolutely required. Having a webcam is usually not mandatory either.
Yes, each participant receives a set of training materials prepared by our experts. We usually provide them in electronic form (e.g., PDF files) a few days before the start of the training, after confirmation of participation and payment.
Upon successful completion of most of our training courses, participants receive a named EITT Certificate of Completion, confirming the competencies gained. In addition, we offer accredited training courses (e.g., ITIL®, PRINCE2®) that prepare for official internationally recognized certification exams. Information about the type of certificate available after a specific training is always included in the detailed description of the training.
The enrollment process depends on the type of training. For open trainings (open to anyone who is interested), you can sign up directly through the application form available on the page of the particular training. If you are interested in closed training (dedicated to employees of one company), please contact us directly by email or phone - we will prepare an offer tailored to your needs.
As standard, the price of the training includes: participation in classes taught by an experienced trainer-practitioner, a set of original training materials in electronic form, and a named EITT Certificate of Completion. For accredited training courses, the price often also includes the cost of taking the official certification exam. The detailed scope of benefits for a given course is always given in its description.
The preferred form of payment for our training courses is by bank transfer, executed on the basis of an issued pro forma invoice or VAT invoice. Detailed information on payment terms and conditions is provided in the process of confirming the enrollment in the training or can be found in the regulations.
Of course! Our specialty is closed-door training, designed "tailor-made" - according to the individual needs and business objectives of a given organization. If you are interested in a topic outside of our regular offerings or would like to modify the program of an existing course, feel free to contact us. We will be happy to prepare a dedicated solution.
We are flexible and adapt to the client's needs. We can organize closed trainings even for small groups - usually the minimum number of participants is 4 people, and the cost is often calculated for the whole group. Taking care of the highest quality and comfort of learning, in case of very large groups (more than 40 people) we usually recommend dividing into smaller teams to ensure effective interaction.
Your feedback is extremely important to us, as it allows us to continuously improve our offerings. After each training session, we send participants a link to a short online evaluation survey. You can also always contact us directly by email or phone to provide your comments.
  1. One-pager invitation with deadlines
  2. Project kick-off
  3. Strategic leadership and thinking
  4. Communication and Cooperation. Conflict management
  5. Motivating, engaging and difficult decisions in business
  6. Managing Change and Innovation. Leadership in crisis
  7. Building the organization of the future
  8. Best practices workshop - retrospective; creating a coherent program for middle and lower management levels

Home Phone Email