Cyber security training by elfGROUP

elfGROUP organises their popular web application pentest training as an open workshop for the first time. The training is a 1-day workshop, that is organized as a Teams meeting. The participants will receive virtual Linux computers with all necessary software for the duration of the training to be able to conduct the hands-on exercises. All you need is a browser and an Internet connection – and interest towards web application security testing!
Check next available open workshop days from our registration page!


Web Application Hacking and Penetration Testing Workshop

It is very important for software quality engineers, testers and basically to anyone responsible for securing web applications, to understand the web application vulnerabilities and to be able to pay attention to the cyber security aspects while conducting their regular functional testing. This 1-day instructor led workshop training focuses on introducing web application security and vulnerability concepts and on teaching and practicing web application penetration testing hands-on.

  • To understand the security testing mindset and approach
  • To learn about common vulnerabilities and how to find them using best practice tools (Burp Suite, browser add-ons)
  • Finding new vulnerabilities and attack paths in customer's own products (optional)
Who should attend?

The workshop is aimed at software testers, quality specialists and developers who want to expand their knowledge and practical skills regarding web application vulnerabilities and web application security testing.

  • Basic understanding of HTML, CSS and JavaScript
  • Basic understanding of HTTP Methods (GET, POST, PUT, DELETE etc)
  • Basic understanding of web application structures and e.g. REST APIs
  • Note: You do not need to be a security professional or a penetration tester to participate this training
Course content

The course material is in English and the training can be given in Finnish or English depending on the participants.

This workshop is led by an experienced penetration tester and combines both theoretical and practical approaches. First, the attendees are introduced to basic vulnerabilities and their characteristics (based on OWASP Top 10). After gaining enough understanding about the vulnerability categories, the hands-on part allows the attendees to practice with an intentionally vulnerable web application. Testing is done using remote virtual machines and the instructor is able to join the desktop sessions to support you in an efficient way.

At the end of the workshop, time allowing, the attendees can test their newly acquired skills together with the instructor in the participants' own applications. We also organize this workshop as company specific courses, making it easier to focus on testing company specific applications.

  • Common vulnerabilities (OWASP Top 10)
  • Penetration Testing Methodology
  • Introduction to common tools used in security testing
    • Burp Suite, web developer tools, useful browser addons

The attendees of the workshop will receive their own virtual machine which has all the tools pre-installed and ready to use. The environment setup makes it possible to receive instructions tailored to each individual during troubleshooting in remote training setups. The course material is in English and the training can be given in Finnish or English depending on the participants.



” Well organized training. The session was nicely summarized and it flowed well throughout the day.”

” Good training and very necessary.”

Customer feedback from a pentesting workshop organized to our customers in May 2020.

Haluatko lisätietoa palvelusta

Interested to learn more?

In our blog series, we write about cybersecurity domain in general, our service and product offerings as well as show case some of our customer cases. The blog posts are categorized by service types.

Read our blog



Suggest a theme for future workshops!