Home About
Services
Consulting and Expertise Security Management Security Governance Business Continuity Security Awareness
Formations
SECURITE OFFENSIVE - ETHICAL HACKING
Cybersecurity Awareness Hacking & Security: Fundamentals Hacking & Security: Advanced Hacking & Security: Expert Certified Ethical Hacker v10 Penetration Testing: Audit Simulation Web Site Audit Social Engineering and Countermeasures Conducting a Security Audit: SI Audit Method Certified Web Application Security Pentester Python for Pentesting Advanced Exploitation with Metasploit Certified of Cloud Security Knowledge Intelligent Android Application Testing Computer Hacking Forensic Investigator v9
INFORENSIQUE
Computer Hacking Forensic Investigator v9 Advanced Forensic Analysis and Incident Response Mobile Device Forensics
MANAGEMENT
ISO 27001: Certified Lead Implementer ISO 27001: Certified Lead Auditor ISO 27005: Certified Risk Manager ISO 27005: Certified Risk Manager + EBIOS Method Certified Information Systems Auditor Certified Information Systems Security Professional Certified Data Protection Officer Certified Information Security Manager ISO 31000: Certified Risk Management ISO/IEC 22301 Certified Lead Auditor ISO/IEC 22301 Certified Lead Implementer ISO/IEC 27032 Certified Cybersecurity Manager ISO/IEC 27034 Certified Lead Auditor ISO/IEC 27034 Certified Lead Implementer ISO/IEC 27035 Lead Incident Manager Certified Lead Pen Test Professional ISO 9001 Certified Lead Auditor ISO 9001 Certified Lead Implementer
SECURITE DEFENSIVE
Android Device Security Awareness >Linux Security Windows Security Network Security Technology Watch Security SIEM Implementation Secure Web Development: Python Session Secure Web Development: PHP Session
Team Contact

Language

FR EN AR
Home / Training / Secure Web Development: Python Session

Secure Web Development: Python Session

Develop secure Python web applications, from design to deployment.

Python
Web Security
Advanced Training

Objective

Python is now one of the main programming languages used. Its great flexibility makes it also very suitable for web application development, with the elegance of programming and pitfalls to avoid through a vulnerable application. We will see how to develop in a clean, secure way with the least effort possible thanks to the tools available in the language. The training covers all the key points for developing securely under Python, from the design to the deployment of your application.

Specific Objectives:

  • Acquire good practices and reflexes for developing secure web applications under Python

Prerequisites

  • Mastering Linux administration (shell)
  • Knowledge of the Python language
  • Knowledge of virtualization technologies (VirtualBox or Docker)

General Information

  • Code: DSWPYT
  • Duration: 3 days
  • Schedule: 8:30 AM - 5:30 PM
  • Location: Training Center, Centre Urbain Nord, Tunis

Target Audience

  • Engineers / Technicians
  • System Administrators
  • Developers

Resources

  • Training materials
  • 40% demonstration
  • 40% theory
  • 20% practical exercises

Training Program

  • Day 1
    • Introduction to computer security
    • Need or necessity
    • Risks involved
    • Impacts
    • Introduction to Python
    • Language history
    • Its characteristics
    • Python for the Web
    • Coding a WSGI web application
    • WSGI presentation and first application
    • Production deployment and first best practices
    • Information leakage
    • Command injection
    • XSS
    • SQL injection
    • CSRF
    • Arbitrary redirection
  • Day 2
    • Lab Work
    • Deploying WSGI with Apache and Docker
    • Review of different vulnerabilities on a test application
    • Coding a web application with a framework (Flask)
    • Why a framework?
    • Introduction to Flask
    • Development best practices
    • Deploying an application
    • Secure development with Flask
    • Built-in protections in Flask and SQLAlchemy
  • Day 3
    • Lab Work
    • Refactoring a vulnerable application in Flask
    • Review of the structure and code of the secured application
    • Vulnerability testing and verification of protections provided by Flask

Don't hesitate to contact our experts for additional information, free audit studies, and cost estimates.

Information security is essential for any organization that needs to protect and enhance its information assets.

Contact Us