STAR Web Application Security

www.giac.org

•  
• Overview
  • Mission Statement
  • FAQ
  • Code of Ethics
  • GIAC Ethics Council
  • Code of Ethics - Violation Submission
  • EEOC Policy
  • Proctor Policy
  • Program Overview (PDF)
  • Full GIAC Brochure
  • Contact
• Why GIAC
  Certification Matters
• Certifications
  • Roadmap
  • Steps To
  • Security Admin
    • GAWN
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GSEC
    • GCED
    • GPEN
    • GWAPT
  • Management
    • GISP
    • GSLC
    • GCPM
  • Forensics
    • GCFA
    • GREM
    • GCFE
  • Audit
    • G7799
    • GSNA
  • Legal
    • GLEG
  • Software Security
    • GSSP-NET
    • GSSP-JAVA
  • GSE
  • GSE-Malware
  • GSE-Compliance
  • DoD 8570
  • Retired Certifications
• Certified
  Professionals
  • Listings
    • G7799
    • GAWN
    • GCFA
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GISP
    • GREM
    • GSEC
    • GCED
    • GSLC
    • GSSP-NET
    • GSNA
    • GPEN
    • GCPM
    • GLEG
    • GSSP-JAVA
    • GWAPT
    • GCFE
    • Retired Certifications
  • Profiles From The
    Front Lines
  • Does Certification Really Matter?
  • GIAC Hero
  • Business Card Logos
• GIAC Gold
• GIAC Expert Level
  • GSE
  • GSE-Malware
  • GSE-Compliance
• GIAC Help and Information
• Challenge Info
• Registration Info
  • GIAC Pricing
  • Challenge Certification
• Exams
  • Practice Tests
  • Deadlines
  • Exam Technical Issues
• Proctor Program
  • Program Details
  • FAQ
  • KRYTERION Sites
  • Proctor Policy
  • Proctor Forms
  • Computer Requirements
• Retakes & Extensions
• Certification Renewal – NEW
  • Overview
  • Certification Renewal Handbook
  • FAQ
• Exam Feedback Procedure
• Grievance Procedure
• ADA Accomodation Policy
• Job Listings
• SANS Portal
• SANS Home
• SANS Software Security Institute
• SANS Reading Room
• Direct Links G7799 GSAE GPCI GSNA GAWN-C GCDS GLFR GLIT GBLC GLEG GCIP GHSC GISP GFSP GEWF GEIT GLDR GCIM GCPM GSLC GCSC GSPA GOEC GISO GISF SSP-CNSA GGSC-0400 SSP-DRAP SSP-MPA GGSC-0200 GSEC GGSC-0100 GPEN GSOC GWAS GWAPT SSP-GHD GCWN GCFA GCED GHTQ GCIA GCIH GCFW GIPS GCUX GAWN GNET GREM GSIP GSSP-C GSSP-JAVA GSSP-NET GCEH GCFA GREM
•  

STAR Web Application Security

Type:

Skills Test and Report (STAR)

Course:

SEC 319 :: Intro to Web Application Security

Target:

Designers, Architects, Implementors, and Program/Project managers responsible for Web applications and anyone interested in learning the concepts of secure web application design.

The Web Application Security Workshop focuses on the latest tools and techniques used in designing applications which provide data to those who need it while keeping the bad guys out. The candidate will have hands on experience using current tools to detect and prevent Cross-site scripting (XSS), and SQL Injection as well as an in-depth understanding of authentication, and session management systems and their weaknesses and how they are best defended.

Requirements:

One online assessment test - 50 questions - 90 minute time limit

Renewal:

N/A

Assessment test topics:

Access Control

Authentication

CSRF, Response Splitting, and Credit Card Handling

Infrastructure, Logging, and Encryption

Input Validation

View Listings

For more information please email star@giac.org.

© 2000-2010 The SANS Institute

SANS Web Privacy Policy: www.giac.org/privacy.php - Web Contact: webmaster@giac.org

Phone: 301-654-7267 | Mon-Fri 9am-8pm EST/EDT

(ISC)² and CISSP are registered marks of the International Information Systems Security Certification Consortium, Inc.