This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Learn More About the Web Security Testing Class

Jump to: navigation, search


Web Testers


Testers responsible for finding Web vulnerabilities. Functional testing knowledge as well as a basic understanding of how applications work. No prior security testing experience is required.


This course is a deep dive into the world of web application security testing. It is designed to walk testers through every step of web application penetration testing, arming them with the knowledge and tools they will need to begin conducting their own security testing. The course will teach the participants how to think like a security engineer by creating and executing a security test plan. Participants will be exposed to common web application vulnerabilities, testing techniques and tools by a professional security tester. The course includes a guided penetration test in which the students will execute security test with the help of the instructor.


Upon completion of this class, participants will be able to:

  • identify why software security matters to their business
  • build a threat model driven security test plan
  • quickly identify the riskiest areas of an application
  • perform a high-level security assessment on a Web application
  • integrate security test cases and tools as part of their test suites
  • report findings in a comprehensive manner in order to enable timely remediation