Course Objectives

After completing this course, you will be able to:

• Identify adversary motivation and opportunities to attack web applications
• Identify the top security risks associated with web applications and the common challenges faced when addressing these risks
• Identify various attacks on web applications by examining real-world examples
• Identify how adversaries exploit web application vulnerabilities using attacks, such as SQL injection, local and remote file inclusion, cross-site scripting, cross-site forgery, and so on
• Use popular software and tools used for web application security testing
• Detect security incidents targeting web applications
• Improve mitigation capabilities related to threats against web applications using methods, such as layered architecture, machine learning, solution integration, secure software development life-cycle, and so on

Pre-Requisites

You must have an understanding of the topics covered in the following courses;

• NSE 4 FortiGate Security
• NSE 4 FortiGate Infrastructure

It is also recommended that you have an understanding of the topics covered in the following courses, or have equivalent experience:

• NSE 6 FortiWeb
• NSE 7 Advanced Threat Protection