What is Web Application Security?

Web application security (also known as Web AppSec) is the idea of building websites to function as expected, even when they are under attack.

Web security testing aims to find security vulnerabilities in Web applications and their configuration. The primary target is the application layer (i.e., what is running on the HTTP protocol).

Why is web security testing important?

What are the different types of security tests?

Dynamic Application Security Test (DAST)

Static Application Security Test (SAST)

Penetration Test

Runtime Application Self Protection (RASP).

– SQL Injection

– XSS (Cross Site Scripting)

– Remote Command Execution

– Path Traversal

Majority of Web Application Attacks

Application and server configuration

Input validation and error handling

Client-side logic

Authorization

Business logic

1

2

3

4

5

web application security test

R31/ 32, 2nd floor, Jandu Tower, Vikas marg, Shakarpur, New Delhi 110090

training@craw.in

+ (91) - 951 380 5401