Web applications are vulnerable to many types of attacks to which traditional client-server applications are not as susceptible. These vulnerabilities, over the past several years, have resulted in attacks that have exposed companies to monetary losses and reputational damage.
This course covers these vulnerabilities, how attacks are constructed based on them, and techniques that can be used to mitigate such vulnerabilities.
You Will Learn
- Browser Security Model (document object model, same-origin-policy andviolations of it), and SSL
- Coverage of HTML5 vulnerabilities due to frame communication, localstorage, cross-origin resource sharing, and other HTML5 features
- SQL Injection (and other forms of command injection including LDAP andXPath Injection)
- Cross-site scripting (XSS), cross-site request forgery (XSRF), andcross-site script inclusion (XSSI), Clickjacking
- Prevention techniques including input validation, output escaping, signatures, message authentication codes, and frame busting
- Mukul Khullar, Staff Information Security Engineer, LinkedIn
- Parisa Tabriz, Engineering Director, Google
This course is approximately 4 hours of video content with 1.5 hours of coursework.
We recommend you have the equivalent of a BS in Computer Science and/or a background in security.
- $495 per online course
- $75 one-time document fee
Continuing Education Units
By completing this course, you’ll earn 1 Continuing Education Unit (CEU). CEUs cannot be applied toward any Stanford degree. CEU transferability is subject to the receiving institution’s policies.
Record of Completion
When you complete each course, you’ll receive an email with a link to download your Record of Completion. This email will be sent to the address you provide in your mystanfordconnection within 3 business days of course completion.
On Demand Webinars
View our free on-demand webinars to get a preview of the courses we have to offer.