About the course
Web applications are vulnerable to many types of attacks to which traditional client-server applications are not as susceptible. These vulnerabilities, over the past several years, have resulted in attacks that have exposed companies to monetary losses and reputational damage.
This course covers these vulnerabilities, how attacks are constructed based on them, and techniques that can be used to mitigate such vulnerabilities.
You Will Learn
- Browser Security Model (document object model, same-origin-policy andviolations of it), and SSL
- Coverage of HTML5 vulnerabilities due to frame communication, localstorage, cross-origin resource sharing, and other HTML5 features
- SQL Injection (and other forms of command injection including LDAP andXPath Injection)
- Cross-site scripting (XSS), cross-site request forgery (XSRF), andcross-site script inclusion (XSSI), Clickjacking
- Prevention techniques including input validation, output escaping, signatures, message authentication codes, and frame busting
Online participants are asked to complete a final exam at the end of each course to maintain the integrity of the program. A score of 85% must be achieved to successfully pass the exam. A digital record of completion will be emailed to participants when they pass the exam.
It is required that participants complete the course evaluation once they have passed the final exam.
John Mitchell is the Mary and Gordon Crary Family Professor in the School of Engineering at Stanford University. He has a faculty appointment in Computer Science, as well as courtesy appointments in Electrical Engineering and the Graduate School of Education. He has research interests in computer...
Professor Boneh heads the applied cryptography group and co-directs the computer security lab. Professor Boneh's research focuses on applications of cryptography to computer security. His work includes cryptosystems with novel properties, web security, security for mobile devices, and cryptanalys...
Neil Daswani is a co-founder of Dasient, Inc., a new stealth-mode Internet security company backed by some of the most influential investors in Silicon Valley. In the past, Neil has served in a variety of research, development, teaching, and managerial roles at Google, Stanford University, DoCoMo...
Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.
We are happy to help you find a suitable online alternative.