Web Application Penetration Testing: Configuration and Deployment Management Testing

by Lee Allen

This course will teach you how to perform systematic penetration testing of configuration and deployment management using OWASP principles.

What you'll learn

Learn how to test the deployed configuration that your applications are released on. In this course, Web Application Penetration Testing: Configuration and Deployment Management Testing, you'll learn how to perform systematic configuration and deployment management testing to ensure that misconfigurations, or mistakes made during application deployment, do not provide opportunities for attackers to compromise infrastructures or applications. First, you'll discover how to validate network and infrastructure configuration. Next, you'll explore testing the platform that applications are deployed upon. Then, you'll learn how to ensure that backup configurations and administrative interfaces do not open you up to attacks. Finally, you'll go through testing cross-domain policies for rich internet applications. By the end of this course, you'll have an understanding of how OWASP testing principles can be leveraged to systematically test configuration and deployment management.

Table of contents

Course Overview
2mins
Validating HTTP Strict Transport Security Headers (HSTS)
7mins

About the author

Lee has worked in the security industry for over 20 years. His experience includes providing various security services to several organizations including an Internet Service Provider, a computer manufacturer, a global pharmaceutical company, a public university, and a large bank where he was responsible for the penetration testing team. Lee has published several books focused on teaching penetration testing skills and is an active Pluralsight author where he has published more than 10 video tra... more

Ready to upskill? Get started