Train the Trainer Course, which took place on 24 August (12:00 - 14:00 CEST), aimed to better enable EDIHs and their representatives to provide web application firewall training to their SME / PSO clients.
Course content:
- The course covered the theory and practical application of Web Application Firewalls (WAFs), including:
- How they operate;
- How they can be deployed to protect vulnerable applications without modifying the application code, with a real-life example;
- A real-life example of a vulnerable WebShop which was protected with a Web Application Firewall:
- Please note that this micro-course is not being delivered in a lab environment;
- The Lab used in the example is only used as a reference and hands-on exercises are optional.
Course prerequisites:
- Introduction to Web Application Firewalls (WAF) is a Train the Trainer course that teaches the basics of web application security, focusing on the deployment, configuration and management of WAFs to protect web applications from various attacks;
- To maximize your success in this course, it is recommended that you meet the following prerequisites:
- Basic understanding of web technologies: Familiarity with HTML, CSS, JavaScript, and the HTTP protocol is essential for understanding how web applications work and interact with WAFs;
- Networking fundamentals: Basic knowledge of networking concepts such as IP addresses, ports, and protocols will help you grasp how WAFs protect web applications from external threats;
- Web server administration: Basic experience in configuring and managing web servers (such as Apache, Nginx, or IIS) will provide you with a better understanding of how WAFs are integrated into the application infrastructure;
- Application security concepts: Familiarity with common web application vulnerabilities like SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) is crucial for understanding the threats that WAFs aim to mitigate;
- Familiarity with programming languages: Some knowledge of programming languages, particularly those used in web development (such as PHP, Python, Ruby, or JavaScript), can be beneficial for understanding code-level vulnerabilities and WAF rules.
Course goals:
By the end of this course, participants were able to:
- Understand and impart the role of Web Application Firewalls (WAF) in web application security;
- Guide clients on how to identify common web application vulnerabilities and how WAFs can help mitigate these threats;
- Impart practical knowledge on how to deploy a WAF as a reverse proxy in various web application environments.
All supporting materials, including the video recording and the presentation slides, are accessible to registered participants on the e-learning platform.
Course provider: South Eastern Finland University of Applied Sciences
- -
- Online only
Practical information
- Where
- Online only
- When
- -
- Who should attend
- EDIHs and Seal of Excellence EDIHs