2024 ISACA North Texas Summer Seminar: Auditing Web Applications

Starts:  Aug 14, 2024 09:00 (CT)
Ends:  Aug 16, 2024 17:00 (CT)
Associated with  North Texas Chapter

***Last Day to Register: August 7th***

Sponsor: Baker Tilly (Frisco)
Dates: August 14, 2024 - August 16, 2024
Time: 9:00am to 5:00pm Central Time (1 Hour Break for Lunch)
Location: 17 Cowboys Way, Frisco, TX 75034 (First Floor Conference Room)
CPE: 21 (3 days)
Format: In Person
ISACA Non-Member Pricing: $800
ISACA Member Pricing: $750
Note: Registration includes breakfast, coffee, and lunch.

Fee Notes:

  • All non-members of ISACA must create a free account and log in during registration.
  • You can create an ISACA account here if you do not already have one.

 

Course Overview: This 3-day course identifies the key issues that an auditor should look at to identify whether a web application has been properly secured. The course covers essential secure coding requirements, including the OWASP Top 10. The tools and techniques for assessing and securing applications will be reviewed, including hands-on exercises which reinforce the concepts introduced in the class. Topics discussed include authentication, authorization, SQL injection, cross-site scripting, cross-site request forgery, logging requirements, data storage requirements, how to respond to incidents and more! Authentication options will be explored, as well as the steps required to adequately audit authentication.

Course Outline:

I. Foundational Skills & Web Basics
II. Environment Identification & Application Exploration
III. Access Control
IV. Cryptographic Considerations
V. Identification and Authentication
VI. Session Analysis
VII. Insecure Design
VIII. Element Manipulation Concepts
IX. Security Logging and Monitoring
X. Server-Side Request Forgery

Laptop Required:

Students are required to have a laptop in order to complete the hands-on exercises. The laptop should meet the following specifications for the student to get the most from the exercises:
     • USB Port
     • 8 GB RAM or higher
     • 25 GB available hard drive space
     • Windows 7 Professional or later
     • Administrator privileges including the capability to install and run tools, as well as disable anti-virus
     • VMware Player should be installed

Instructor:

Tanya Baccam, Consultant, Senior SANS Instructor, CISSP, CPA, CITP, CISA, CISM, GPPA, GCIH, OCP DBA
Tanya Baccam has extensive experience performing audits and assessments including application reviews, system audits, vulnerability and penetration tests, as well as providing training around application and software development risks. She is skilled in reviewing the security architecture for clients including assessing firewalls, applications, web sites, network infrastructure, operating systems, routers, and databases. She has conducted multiple network penetration engagements, vulnerability assessments and risk assessments using an arsenal of tools including commercially available and open-source tools. She has developed and reviewed policies and procedures, as well as developing and providing security awareness training. Tanya has been responsible for conducting, scheduling and managing numerous security assessment engagements. Additionally, she has provided advice and guidance to multiple companies on how to build successful auditing practices. During her career in Information Technology, Tanya has become an expert in network and application security services. She has functioned in management, training and consulting roles. She has vast experience including support of Novell, UNIX, Windows, and Oracle platforms. Tanya is a Senior Certified Instructor and courseware author for SANS (Sysadmin, Audit, Network, Security) where she has developed and delivered training in security auditing, incident handling, hacker exploits, database security and perimeter protection, as well as being an authorized grader for some of the GIAC certifications. She is also a member of ISACA (Information Systems Audit and Control Association).

Location

First Floor Conference Room
17 Cowboys Way
Frisco, TX 75034

Pricing Information

Registration Price
Member $750.00
Non-member $800.00

Contact

ISACA North Texas Education

education@isaca-northtexas.org