You may not have been able to visit your page because of:
1. An out-of-date bookmark/favourite
2. A search engine that has an out-of-date listing
3. A mistyped address
4. You don't have access to this page
5. The requested resource was not found
6. An error has occurred whilst processing your request
Browse the information security training courses in IT Governance's webshop, your one-stop shop for high-quality and cost-effective training solutions.
Browse our range of data protection, GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018 training courses. If you’re new to world of data protection, you can opt for our foundation-level courses and advance to practitioner level. We also cover more specialised roles such as the certified DPO course and law enforcement data processing. Our courses come in a range of training formats, including classroom, instructor-led online and self-paced online.
Book now and we will update you on any future changes to UK legislation and update your GDPR qualifications to match.
Browse the risk management frameworks training courses in IT Governance's webshop, your one-stop shop for high-quality and cost-effective training solutions.
If you’d like to pursue a career as a DPO (data protection officer) or you’ve been tasked with fulfilling the role in your organisation, enrol on one of our training courses to gain the skills and knowledge to carry out your duties. We offer a range of training formats, including classroom, Live Online and in-house.
Web application vulnerabilities are a common point of intrusion for cyber criminals. As cyber security threats proliferate and attacks escalate, and as applications play an increasingly critical role in business, organisations urgently need to focus on web application security to protect their customers, their interests and their assets.
Although awareness of the need for web application security is increasing, security levels are nowhere near enough: according to the 2015 Trustwave Global Security Report, 98% of tested web applications were vulnerable to attack.
SMEs in particular should be very concerned about web application security: many use common, off-the-shelf applications and plugins – such as Internet Explorer, Java, Silverlight, and Adobe Reader and Flash Player – which often contain exploitable vulnerabilities.
Application Security in the ISO 27001:2013 Environment explains how organisations can implement and maintain effective security practices to protect their web applications – and the servers on which they reside – as part of a wider information security management system by following the guidance set out in the international standard for information security management, ISO 27001.
The book describes the methods used by criminal hackers to attack organisations via their web applications and provides a detailed explanation of how you can combat such attacks by employing the guidance and controls set out in ISO 27001.
Vinod Vasudevan, CISSP, is the chief technology officer (CTO) at Paladion. Before co-founding Paladion, Vinod worked with Microsoft. He wrote the chapter ‘Application Security and ISO27001’.
Anoop Mangla is a risk specialist in banking and finance, and an expert on the effectiveness of security technologies in organisations’ security. He wrote the chapter ‘Introduction to Application Security Threats’.
Firosh Ummer, CISA, ISO27001 LA, CBCP, BS15000 LA, is co-founder of Paladion and head of the ISO 27001 consulting practice. Firosh wrote the chapter ‘Threat Profiling and Security Testing’.
Sachin Shetty, CISSP, is a senior application security engineer with Paladion. He wrote the chapter ‘Attacks on Applications’.
Sangita Pakala, GCIH, is Head of Application Security Projects at Paladion. She wrote the chapter ‘Secure Development Lifecycle’.
Siddharth Anbalahan is a senior application security engineer. He has developed anti-phishing toolkits to enable banks to detect phishing attacks in real time. Siddharth wrote the chapter ‘Secure Coding Guidelines’.