Modal title

Modal body text goes here.

The Fortinet Certified Trainer (FCT) assessment is a trainer evaluation process in which each candidate has to prove their training delivery skills. The FCT assessment is a two-day assessment that evaluates the FCT candidate’s ability to maintain Fortinet’s quality standards in technical knowledge, skills and instructional abilities.

Who can apply?

The FCT assessment candidate should be a Fortinet employee or a candidate sponsored by an ATC who has submitted proof of reference, along with an online application form. An FCT candidate who wants to apply for an FCT assessment must meet the following knowledge and experience eligibility requirements:

  • Extensive technical knowledge and skills in network security and cybersecurity
  • Five years of relevant experience in network security and cybersecurity
  • Certification in the required NSE training courses
  • Five years of experience in training delivery in IT security
  • Demonstrable training facilitation and delivery skills

If you meet all of these requirements you can apply for the FCT assessment!

Please contact fct@fortinet.com for queries and suggestions.

Skip to main content
Training Institute
  • Library
  • Schedule
  • Certifications
  • ATC
  • Academic Partner Program
  • Fast Track Workshops
  • Log in
  • Training
  • Library

Web Application Security

Download Course Description
Course Description

In this course, you will explore web application threats and countermeasures focused on Fortinet solutions. Comprised of theory lessons and hands-on labs, this course will guide you from the very motivations of attacks on web applications through to understanding and executing attack techniques. You will gain insight into recognizing such attacks, and, finally, configure Fortinet solutions to mitigate them.

Who Should Attend

Networking and security professionals involved in the architectural design, implementation, and monitoring of solutions to address web application security based on FortiGate and FortiWeb devices should attend this course.

This course assumes advanced knowledge of networking and web application security concepts, and extensive hands-on experience working with FortiWeb and FortiGate devices.

Prerequisites

You must have an understanding of the topics covered in the following courses, or have equivalent experience:

  • NSE 4 FortiGate Security
  • NSE 4 FortiGate Infrastructure

It is also recommended that you have an understanding of the topics covered in the following courses, or have equivalent experience:

  • NSE 6 FortiWeb
  • NSE 7 Advanced Threat Protection
Agenda
  1. Contextualization
  2. Attack Procedures
  3. Software and Tools
  4. Incident Detection
  5. Threat Mitigation
Objectives

After completing this course, you will be able to:

  • Identify adversary motivation and opportunities to attack web applications
  • Identify the top security risks associated with web applications and the common challenges faced when addressing these risks
  • Identify various attacks on web applications by examining real-world examples
  • Identify how adversaries exploit web application vulnerabilities using attacks, such as SQL injection, local and remote file inclusion, cross-site scripting, cross-site forgery, and so on
  • Use popular software and tools used for web application security testing
  • Detect security incidents targeting web applications
  • Improve mitigation capabilities related to threats against web applications using methods, such as layered architecture, machine learning, solution integration, secure software development life-cycle, and so on
System Requirements

If you take the online format of this class, you must use a computer that has the following:

  • A high-speed Internet connection
  • An up-to-date web browser
  • A PDF viewer
  • Speakers or headphones
  • One of the following:
    • HTML 5 support or
    • An up-to-date Java Runtime Environment (JRE) with Java plugin enabled on your web browser

You should use a wired Ethernet connection, not a WiFi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.

Enroll Now

Access the latest self-paced training version

Purchasing Process

More information on how to purchase instructor-led courses, on-demand labs, exam vouchers, and study material.

Find an Instructor-Led Class

Browse our schedule for upcoming classes delivered by Fortinet.

Product Versions
  • FortiGate 6.2.4
  • FortiWeb 6.1.1
Course Duration
  • Lecture time (estimated): 3 hours
  • Lab time (estimated): 4 hours
  • Total course duration (estimated): 7 hours / 1 day
Formats
  • Instructor-led (classroom and online)
  • Self-paced online
(ISC)2

  • CPE training hours: 3
  • CPE lab hours: 4
  • CISSP domains: Security Operations

Part Number (SKU)
  • FT-CST-WAS
  • FT-CST-WAS-LAB

See Purchasing Process for more information

Certification

This course does not have a certification exam


  • Library
  • Schedule
You are not logged in. (Log in)
  • Library
  • Schedule
  • Certifications
  • ATC
  • Academic Partner Program
  • Fast Track Workshops
Data retention summary