iSAQB® Web Security (WEBSEC)
Robust security architectures for modern web systems (CPSA Advanced Level)
.svg)
Machine Learning Engineer
The training essential knowledge and skills to effectively protect web applications from cyber attacks. In addition to the basics of web security, the focus is on implementing robust protection mechanisms, analyzing and remedying vulnerabilities, and strong authentication and authorization procedures. In the training, you will learn how to use firewalls and encryption techniques in a targeted manner, identify points of attack at an early stage, and seamlessly integrate security measures into existing systems—for maximum protection and resilience.
Fundamentals of web security:
- Protection goals such as confidentiality, integrity, and availability.
- Threat analysis and risk management.
Firewalls and encryption:
- Use of packet filters, web application firewalls, and intrusion detection systems.
- Use of symmetric and asymmetric encryption methods.
Vulnerability analysis:
- Identification of security vulnerabilities through penetration testing and fuzzing.
- Use of tools for automated security analysis.
Authentication and authorization:
- Concepts such as multi-factor authentication and single sign-on.
- Implementation of OAuth, OpenID Connect, and SAML.
Safety guidelines and standards:
- Introduction to ISO 27000, OWASP, BSI basic protection, and PCI DSS.
- Creation and implementation of secure development guidelines.
Data protection and GDPR-compliant development:
- Protection of personal data and legally compliant storage.
- Measures to comply with GDPR requirements.
Requirements:
- You should understand HTML, CSS, and JavaScript.
- You need basic knowledge of protocols and data transmission.
- You should have already created or collaborated on web applications.
- A basic understanding of IT security is helpful.
- You should be open to new security concepts and best practices.
- Practical experience with software or system architecture is an advantage.
Technical requirements:
There are no special requirements for the training environment, as the exercises take place using cloud- and web-based tools such as Miro, Draw.io, and platforms such as Jupyter or HuggingFace. All that is needed is a stable and sufficiently fast internet connection.
- You identify risks, threat models, and security vulnerabilities at an early stage.
- You develop applications according to security-by-design principles.
- You understand common attack vectors and implement protective measures.
- You apply encryption, hashing, and trust models securely.
- You secure systems with firewalls, IDS, and secure protocols.
- You implement learned security concepts directly in development.
Your advantages at a glance:
- Sound web security: Identify security risks and minimize them in a targeted manner.
- Practical methods: Apply proven security concepts directly.
- Recognized certification: Demonstrate your professional competence and improve your career opportunities.
- Visual collaboration through, for example, whiteboarding
- High level of interactivity through customized exercises and breakout rooms
- Ideal trainer support even in the breakout rooms
Credit points for CPSA-A certification:
With the WEBSEC training course, attendees earn attendees technical and 10 methodological credit points according to the iSAQB Advanced Level Program.
.svg)
