Contattaci Richiedi un contatto telefonico



Practical Web Defense

Ti interessa questo corso?

Iscriviti per ottenere l'accesso al nostro materiale formativo e ai laboratori!

Extremely Hands-on

Practice Web App defense against real world attacks. PWD includes the most sophisticated virtual lab on IT Security: Hera Lab

Discover Labs

Become Certified

Obtain the eWDP certification and prove your practical skills with the only 100% practical certification on Web Application Defense

Discover eWDP

Dai un'occhiata al corso

  • Close the gap between Web application attack and defense
  • Mitigation advices for multiple platforms and languages
  • The most comprehensive and practical coverage of the OWASP Testing Guide
  • Comprehensively aligned to OWASP methodologies, tools and tests
  • Covers and goes beyond OWASP TOP 10
  • Detailed techniques and methodology to simplify defense of web applications
  • No boring theory: practice oriented curriculum
  • Over 20 different lab scenarios to practice with
  • Advanced usage of OWASP ZAP, OWASP OWTF, ModSecurity...
  • Coverage of OWASP Cheat Sheets, OWASP OpenSAMM, OWASP ModSecurity Core Rule Set
  • After obtaining the WDP certification qualifies you for 40 CPE

Materiale del corso

  • 25 hours of HQ video training material
  • 2700+ slides
  • 20 labs in Hera

Fruizione del corso

  • Self-paced
  • Off-line access available
  • Access from PC, Tablet and Smartphone

Prova il corso gratuitamente

Confermo di voler ricevere email da parte di Caendra Inc.


Scarica il Syllabus in PDF


  • Basic knowledge of programming fundamentals: loops, variables, functions, include files etc
  • Reading and understanding PHP code will help although not mandatory.
  • Basic knowledge of tools such as curl, Wireshark, OWASP ZAP (or Burp).
  • Knowledge of security concepts will be an advantage but is not required

Questo corso di formazione è per...

  • Web developers
  • Web app security researchers
  • Penetration testers
  • IT admins and staff


Each lab is associated with a chapter from the course and will provide you with a broken web application (or web service) that implements security flaws in the given chapter. You are expected to find security issues, develop a POC (Proof Of Concept) exploit for each issue found, fix the issue found, verify that the POCs no longer work and verify that the application remains working as intended.

Each lab will additionally provide you with "extra mile" challenges that you can use to get ready for the exam or just get more practice and experience.

Lab IDDescrizioneCategoria
Lab 1 Tool Introduction: OWASP, OWTF and the OWASP Testing Guide Intro
Lab 2 Information Gathering Web App Defense
Lab 3 Configuration Management Web App Defense
Lab 4 Authentication Web App Defense
Lab 5 Authorization Web App Defense
Lab 6 Information Gathering Web App Defense
Lab 7 Session Management Web App Defense
Lab 8 Business Logic Flaws Web App Defense
Lab 9 Data Validation Web App Defense
Lab 10 Cryptography Web App Defense
Lab 11 Denial of Service Web App Defense
Lab 12 Web Services: XML-RPC Web App Defense
Lab 13 Web Services: JSON-RPC Web App Defense
Lab 14 Web Services: SOAP Web App Defense
Lab 15 Web Services: REST Web App Defense
Lab 16 Web Services: XML-RPC II Web App Defense
Lab 17 Web Services: REST II Web App Defense
Lab 18 Client Side and Phishing Web App Defense
Lab 19 Error Handling and Logging Web App Defense
Lab 20 Virtual Patching and Intrusion Detection Web App Defense
Lab 21 Exam Preparation Web App Defense


Get the eWDP Certification

eLearnSecurity's eWDP (eLearnSecurity Web Defender Professional) certification proves that you have the hands-on skills to understand how web applications are attacked in the real world and what you can do to mitigate each and every attack. It will also improve your company's reputation and ensure your IT staff is well educated.

Ulteriori informazioni


  • Abraham Aranguren
    Abraham Aranguren

    Abraham Aranguren (CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE) is currently the Managing Director at 7ASecurity (, a company specialising in penetration testing, code reviews, security advice and training, he is also the Project founder and leader of OWASP OWTF (, an OWASP flagship project. Abraham has penetration testing experience since 2007 and web application design, development and architecture experience since 2000.After an information security honor mark at university, from 2000 until 2007 Abraham's contact with security was mostly from a defensive point of view: fixing vulnerabilities, source code reviews and vulnerability prevention at the design level as an application and framework architect. From 2007 forward Abraham focused more on the offensive side of security with special focus on web app security.

Iscriviti per ottenere l'accesso al nostro materiale formativo e ai laboratori!

Torna in cima