Web applications play a vital role in every modern organisation, but if your organisation does not properly test and secure its web apps, adversaries can compromise these applications by damaging business functionality and stealing data. Many organisations operate under the misconception that a web application security scanner will reliably discover flaws in their systems. GIAC Web Application Penetration Tester (SEC542) helps students move beyond push-button scanning to become a professional, thorough and high-value web application penetration tester. The course also enables students to assess a web application's security posture and convincingly demonstrate the impact of inadequate security that plagues most organisations. In addition to high-quality course content, SEC542 focuses heavily on in-depth, hands-on labs to ensure that students can immediately apply all they learn.

Learning Outcome

Participants will learn how to:

  • Apply a repeatable methodology to deliver high-value penetration tests
  • Discover and exploit key web application flaws
  • Explain the potential impact of web application vulnerabilities
  • The importance of web application security to an overall security posture
  • Wield key web application attack tools more efficiently

Who should Attend?

  • General security practitioners
  • Penetration testers
  • Ethical hackers
  • Web application developers
  • Website designers and architects

Eligibility Criteria

Students should have a basic working knowledge of the Linux command line.
This course is endorsed under Critical Infocomm Technology Resource Programme Plus (CITREP+) Programme.
To find out more about CITREP+ Funding, please refer to Programme Support under CITREP+ page

Information is accurate as of 14 January 2020