Skip to main content
European Digital Innovation Hubs Network
Training and workshops

Introduction to web application firewalls (WAFs)

Train the Trainer Course

Train the Trainer Course, which took place on 24 August (12:00 - 14:00 CEST), aimed to better enable EDIHs and their representatives to provide web application firewall training to their SME / PSO clients.

Course content:

  • The course covered the theory and practical application of Web Application Firewalls (WAFs), including:
    • How they operate;
    • How they can be deployed to protect vulnerable applications without modifying the application code, with a real-life example;
  • A real-life example of a vulnerable WebShop which was protected with a Web Application Firewall:
    • Please note that this micro-course is not being delivered in a lab environment;
    • The Lab used in the example is only used as a reference and hands-on exercises are optional.

Course prerequisites:

  • Introduction to Web Application Firewalls (WAF) is a Train the Trainer course that teaches the basics of web application security, focusing on the deployment, configuration and management of WAFs to protect web applications from various attacks;
  • To maximize your success in this course, it is recommended that you meet the following prerequisites:
    • Basic understanding of web technologies: Familiarity with HTML, CSS, JavaScript, and the HTTP protocol is essential for understanding how web applications work and interact with WAFs;
    • Networking fundamentals: Basic knowledge of networking concepts such as IP addresses, ports, and protocols will help you grasp how WAFs protect web applications from external threats;
    • Web server administration: Basic experience in configuring and managing web servers (such as Apache, Nginx, or IIS) will provide you with a better understanding of how WAFs are integrated into the application infrastructure;
    • Application security concepts: Familiarity with common web application vulnerabilities like SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) is crucial for understanding the threats that WAFs aim to mitigate;
    • Familiarity with programming languages: Some knowledge of programming languages, particularly those used in web development (such as PHP, Python, Ruby, or JavaScript), can be beneficial for understanding code-level vulnerabilities and WAF rules.

Course goals:

By the end of this course, participants were able to:

  • Understand and impart the role of Web Application Firewalls (WAF) in web application security;
  • Guide clients on how to identify common web application vulnerabilities and how WAFs can help mitigate these threats;
  • Impart practical knowledge on how to deploy a WAF as a reverse proxy in various web application environments.

All supporting materials, including the video recording and the presentation slides, are accessible to registered participants on the e-learning platform.

Course provider: South Eastern Finland University of Applied Sciences

  • -
  • Online only

Practical information

Where
Online only
When
-
Who should attend
EDIHs and Seal of Excellence EDIHs