Skip to main content
Training Institute
  • Library
  • Schedule
  • Certifications
  • ATC
  • Academic Partner Program
  • Fast Track Workshops
  • More
Log in
Contents
Library Schedule Certifications ATC Academic Partner Program Fast Track Workshops

Web Application Security

Training / Library
Download Brochure

Blocks

Course Description

In this course, you will explore web application threats and countermeasures focused on Fortinet solutions. Comprised of theory lessons and hands-on labs, this course will guide you from the very motivations of attacks on web applications through to understanding and executing attack techniques. You will gain insight into recognizing such attacks, and, finally, configure Fortinet solutions to mitigate them.

Who Should Attend

Networking and security professionals involved in the architectural design, implementation, and monitoring of solutions to address web application security based on FortiGate and FortiWeb devices should attend this course.

This course assumes advanced knowledge of networking and web application security concepts, and extensive hands-on experience working with FortiWeb and FortiGate devices.

Prerequisites

You must have an understanding of the topics covered in the following courses, or have equivalent experience:

  • NSE 4 FortiGate Security
  • NSE 4 FortiGate Infrastructure

It is also recommended that you have an understanding of the topics covered in the following courses, or have equivalent experience:

  • NSE 6 FortiWeb
  • NSE 7 Advanced Threat Protection
Agenda
  1. Contextualization
  2. Attack Procedures
  3. Software and Tools
  4. Incident Detection
  5. Threat Mitigation
Objectives

After completing this course, you will be able to:

  • Identify adversary motivation and opportunities to attack web applications
  • Identify the top security risks associated with web applications and the common challenges faced when addressing these risks
  • Identify various attacks on web applications by examining real-world examples
  • Identify how adversaries exploit web application vulnerabilities using attacks, such as SQL injection, local and remote file inclusion, cross-site scripting, cross-site forgery, and so on
  • Use popular software and tools used for web application security testing
  • Detect security incidents targeting web applications
  • Improve mitigation capabilities related to threats against web applications using methods, such as layered architecture, machine learning, solution integration, secure software development life-cycle, and so on
System Requirements

If you take the online format of this class, you must use a computer that has the following:

  • A high-speed Internet connection
  • An up-to-date web browser
  • A PDF viewer
  • Speakers or headphones
  • One of the following:
    • HTML 5 support or
    • An up-to-date Java Runtime Environment (JRE) with Java plugin enabled on your web browser

You should use a wired Ethernet connection, not a WiFi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.

Enroll Now

Access the latest self-paced training version

Purchasing Process

More information on how to purchase instructor-led courses, on-demand labs, exam vouchers, and study material.

Find an Instructor-Led Class

Browse our schedule for upcoming classes delivered by Fortinet.

Product Versions
  • FortiGate 7.2.1
  • FortiWeb 7.2.1
Course Duration
  • Lecture time (estimated): 3 hours
  • Lab time (estimated): 4 hours
  • Total course duration (estimated): 7 hours / 1 day
Formats
  • Instructor-led (classroom and online)
  • Self-paced online
(ISC)2

  • CPE training hours: 3
  • CPE lab hours: 4
  • CISSP domains: Security Operations

Part Number (SKU)
  • FT-CST-WAS-LAB

See Purchasing Process for more information

Certification

This course does not have a certification exam


Data retention summary