
Course Overview

Web applications are routinely the source of many security vulnerabilities, especially as more and more move to the cloud. This is despite the fact that most web application vulnerabilities are often simple to fix before the code is released into the wild. The ‘Hardening PHP Web Apps’ course walks students through the OWASP Top Ten vulnerabilities common in web application code and demonstrates various methods of secure coding to harden web applications. Specifically, the course focuses on examples A1 through A8 of the Top Ten list.

Each section contains instructor-led video lecture content that introduces the vulnerability and explores various mitigation measures specific to each vulnerable code example. Each module also includes an interactive hands-on lab component, in which the student has the chance to experiment with real solutions and discover why some seemingly adequate code remediations are insufficient and others are more appropriate. The student is then challenged to complete a demanding “capstone lab” exercise that encourages the student to explore a novel web application and remedy the sections where it is vulnerable.

Upon completion of this course, the student will understand how to identify many common web application vulnerabilities and will have gained valuable practical skills through hands-on work with meaningful web application security control measures.

Course Outline
  • Lab 1.1: Stopping SQL Injection with validation and prepared statements
    Lab 1.2: Stopping OS Command Injection with Data Validation

  • Lab 2.1: Implementing Proper Authentication in PHP
    Lab 2.2: Enabling Google Authenticator in a PHP Web Application

  • Lab 3.1: Password Hashing in PHP
    Lab 3.2: Proper error handling in PHP

  • Lab 4: Defending against XXE in PHP

  • Lab 5.1: Basic Access Control in PHP
    Lab 5.2: Preventing Directory Traversal and LFI with Whitelisting in PHP

  • Lab 6: Securing the PHP configuration

  • Lab 7: Preventing XSS in PHP

  • Lab 8: Secure Serialization in PHP

  • Lab 9.1: Defending Against CSRF in PHP
    Lab 9.2: Securely Handling File Uploads in PHP

  • Lab 10: Capstone: Securing a Web Application From Top to Bottom in PHP


Course Access Duration

6 Months


Course Cost

$99


System Requirements

Download & review the minimum hardware and software requirements to ensure your setup is ready for the virtual training experience.

What Students Will Receive:

  • Expert-Led Instruction: Learn from top cybersecurity practitioners across every niche, gaining insights from industry leaders.
  • Extended Access: Enjoy six months of unlimited online access to your course through the On-Demand training platform, allowing you to learn at your own pace.
  • Hands-On Labs & Exercises: Apply your knowledge in real-world scenarios with interactive labs designed to enhance your practical skills.
  • Knowledge Reinforcement: Quizzes after each module help solidify key concepts and ensure retention.
  • Capstone Lab Challenge: Put your skills to the test with a final hands-on lab, demonstrating mastery of the course material.

With these resources, you'll have everything you need to confidently master the material and achieve your training goals!