• Technologies that support web applications
• Basic security principles
• Confidentiality (Secrecy)
• Integrity (Wholeness)
• Availability (Ease of access)
• The most common security threats to web applications
• Vulnerability
• OWASP Top 10
• Definition of Injection
• How Injection Works
• Countermeasures for Injection
• Definition and Dangers of Injection
• How Broken Authentication and Session Management Works
• Countermeasures for Broken Authentication and Session Management

Draft Syllabus (2)

• Definition and Dangers of Cross-Site Scripting (XSS)
• How Cross-Site Scripting (XSS) Works
• Countermeasures for Cross-Site Scripting (XSS)
• Definition and Dangers of Insecure Direct Object References
• How Insecure Direct Object References Works
• Countermeasures for Insecure Direct Object References
• Definition and Dangers of Security Misconfiguration
• How Security Misconfiguration Works
• Countermeasures for Security Misconfiguration
• Definition and Dangers of Sensitive Data Exposure
• How Sensitive Data Exposure Works
• Countermeasures for Sensitive Data Exposure

Draft Syllabus (3)

• Definition and Dangers of Missing Function Level Access Control
• How Missing Function Level Access Control Works
• Countermeasures for Missing Function Level Access Control
• Definition and Dangers of Cross-Site Request Forgery (CSRF)
• How Cross-Site Request Forgery (CSRF) Works
• Countermeasures for Cross-Site Request Forgery (CSRF)
• Definition and Dangers of Using Components with Known Vulnerabilities
• How Using Components with Known Vulnerabilities Works
• Countermeasures for Using Components with Known Vulnerabilities
• Definition and Dangers of Unvalidated Redirects and Forwards
• How Unvalidated Redirects and Forwards Works
• Countermeasures for Unvalidated Redirects and Forwards