TRUST matters

June 2024

Hands-on Web Security Course

In its inaugural educational outreach initiative, IITB Trust Lab’s 8-day web security course offered the participants a robust combination of theoretical knowledge and hands-on experience. This course marks the beginning of IITB Trust Lab’s commitment to bridging the cybersecurity skills gap in India.

In response to India’s rapidly evolving digital landscape and the growing importance of cybersecurity, IITB Trust Lab recently conducted an 8-Day Hands-On Web Security Course. This comprehensive course, meticulously designed by CSE faculty member Prof. Kameswari Chebrolu, attracted a diverse cohort of 33 participants, including students, professionals, and a notable contingent of 19 experts from the National Stock Exchange.

The course content was carefully curated to provide a holistic understanding of web security. It was divided into three primary modules:

  1. Web Background: This foundational module covered essential topics such as web fundamentals, browser internals, web protocols, and the current web security landscape.
  2. Server Side Attacks and Defense: Participants delved into critical areas including SQL injection, Server-Side Request Forgery (SSRF), and authentication vulnerabilities.
  3. Client Side Attacks and Defense: This module focused on key concepts like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and clickjacking.

What distinguished this course and garnered enthusiastic feedback from participants was its strong emphasis on practical application. Each day was structured to include theoretical lectures in the morning, followed by immersive lab sessions in the afternoon. This format allowed participants to immediately apply their newly acquired knowledge in a hands-on environment.

The practical sessions were particularly praised for their depth and relevance. Participants engaged in activities such as manipulating web pages with browser developer tools and conducting security testing with OWASP ZAP. These exercises provided invaluable real-world experience in identifying and addressing system vulnerabilities and security threats.

Kaustubh Saraf, an undergraduate student from G.H. Raisoni College of Engineering, Nagpur, highlighted the course’s real-world applicability: “The course excelled in covering both theoretical and practical aspects of web applications. Prof. Chebrolu’s focus on practical defense and attack strategies provided knowledge that is directly applicable in professional settings.”

The course also featured a guest lecture by Mr. Abhijit Limaye, an independent cybersecurity consultant. His industry insights provided participants with a valuable practitioner’s perspective on application security.

The program concluded with a formal certificate-giving ceremony, attended by Prof. Siddhartha Ghosh, Dean of Education Outreach, underscoring the institutional support and recognition for this initiative.

By successfully integrating comprehensive theoretical instruction with extensive practical application, the course has created a highly effective learning model. This approach not only imparts knowledge but also ensures that participants develop the skills necessary to address real-world cybersecurity challenges.

As cyber threats continue to evolve, the demand for such comprehensive and practical training programs is likely to grow. IITB Trust Lab is poised to meet this need, with plans for additional courses in the pipeline. Interested individuals may visit the IITB Trust Lab website or follow our social media channels for updates on future educational opportunities in the field of Web Security.