Security in internet

The training was dedicated to the software professioanls working on web applications' development. The traing offered a detailed view on the most common security vunerabilities they can enconter in software development, like SQL Injection, Cross Site Scripting, Cross Site Request Forgery, Insecure Direct Object References, etc.

It was very well structured, first overviewing the vulerabilities and disscussing possible impact and prevention actions. Tough many of the vulnerabilities were already known to the developers, the training was well-received by the developers because it offered a framework for discussions and exchange of experience about real-life implementations and analysis of impact and prevention methods. Training also included a practical part, where using provided tools for didactic purposes, the developers had the chance to exploit the previously learnt vulnerabilities. This offered a very good perspective on the risk the developers asume if they don't take preventive measures from the begining.

The trainer also presented a tool for scanning the code and identifying possible security vulnerabilities, tool that was adopted by the developers and testers to be used in their work.