Securing Your E-Commerce Web Application Against Cyber Threats - 生產力學院
Securing Your E-Commerce Web Application Against Cyber Threats
10011959-01
香港九龍達之路78號
2021-11-02
蔡小姐,電話:+852 2788 5884

應對網絡威脅的電子商務網絡應用課程

隨著疫情的影響,愈來愈多公司嘗試建立企業網站以積極發展電子商務。毫無疑問,如果擁有大量有價值的客戶數據,這些網站便很容易成為黑客攻擊的目標。不安全的網站應用程式更會大大增加了數據洩漏和系統受損的風險。

此課程適合任何網站管理員。在課程中,學生不但能了解網站應用程式的最新發展、常見的網站保安問題,以及保護網站的策略等。同時課程亦提供實作機會,讓每位學生都能學習並體驗網站安全性的檢測和驗証(或滲透測試)操作技巧。

(課程內容介紹以英文為準)

With the impact of COVID-19, companies are paying more effort in the development of their websites to incorporate into e-commerce.

No doubt, business websites could hold valuable client data and become attractive targets of hackers. Risk of data leakages and system compromise cases result from insecure web applications.

This programme is for any website administrator to go through the journey of the recent development of web applications, common web application security issues and tactics to secure websites. A hands-on lab will be provided for participants to gain practical experience in checking and verifying security (or penetration testing) of a fully functioned e-commerce website.

Course Objectives

Participants should be able to:

  • Understand the recent web technology and web application security landscape
  • Understand the OWASP Top 10 web security issues
  • Understand and apply the web application security concepts, techniques and tools learnt to fix OWASP Top 10 issues in different platforms
  • Apply the skills learnt from Juice Shop hands-on exercise and tools in assessing the security of (or penetration testing) a fully functioned e-commerce website

Date and Time

2 -3 November 2021
09:30 – 17:00

Venue

1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong

Medium

Cantonese with English terminology

Course Outline

  • Introduction to the latest Web Security Landscape

– Basics of web technology
– Well known web compromised security incidents
– Application Security Concepts
– Common web application issues (on different platforms and applications)
– OWASP Top 10 for Web Application

  • Tools for Website Security Testing and Verification

– Useful Chrome browser plugins for developers
– OWASP ZAP, etc.

 

  • OWASP Juice Shop Workshop
    – Hands on exercise to identify security vulnerabilities and fix them

Fee

Early Bird Price (deadline on 2 Oct 2021):

-Staff of Organiser or Member of Supporting Organisation: HK$6,000 per person

-Non-member: HK$6,200 per person

Regular Price:

-Staff of Organiser or Member of Supporting Organisation: HK$6,200 per person

-Non-member: HK$6,400 per person

Member of HKRMA:

–    HK$6,000 per person

Trainer

Mr Bernard KAN

Bernard KAN has over 20 years of experience in information security as a security team leader in Banking and Telecommunication industries and HKCERT.

He has been delivering quality information security training to enterprises, talks in in security conference and sharing sessions to NGOs. He was a frequent speaker for security awareness training.

He had been a part-time lecturer a post-graduate Information Security certificate course of City University of Hong Kong for 6 years.

Bernard holds various professional certifications, including CISSP, GCIA, GCIH, CWSP, CCNP, MCSE and CEC. He is a Master of Science degree in E-Commerce.

Target Audience

  • Website owners interested in web application security
  • Web application developers
  • Information security staff interested in enhancing hands-on experience on web application testing

Certificate of Training

Participants who have attained 75% or more attendance of lecture will be awarded an Attendance Certificate.

Download Full Course Detail ▼