Popular ISO 9001 Quality management > ISO 13485 Quality management for medical devices > ISO 14001 Environmental management > ISO 22301 Business continuity > ISO/IEC 27001 Information security > ISO 45001 (OHSAS 18001) Occupational health and safety > View all standards >
Access and buy standards How to access standards > Decide which option works best for your business Buy standards > Standards subscriptions > BSOL > Full standards collections Compliance Navigator > Medical device standards Eurocodes PLUS > Structural design standards BSI Membership > Services include knowledge centre, events and discounts
About standards What are standards? > Find out on how standards can help The role of BSI > UK Standards Organization, ISO, IEC, CEN, CENELEC, ETSI Get involved > Become a standards maker, join a committee Have your say > Propose or comment on a standard Consumer alerts > Know which products have been recalled
Working with standards Business and industry > Build trust and win more business, no matter the size of your company Government > Enhancing standards infrastructure, technical assistance and capacity building Education > Supporting students, research programmes, and young professionals Consumers > Tackling issues consumers face through BSI Kitemark and Consumer and Public Interest Network (CPIN)
Standards and information Access and buy standards > Search our standards catalogue Develop a standard > Work with BSI to develop a standard Online subscription services > BSOL, Compliance Navigator, Eurocodes PLUS, BSI Membership and SCREEN Standards services > Create a fast-track standardization document, Consultancy, Research and Insights and International Projects
Auditing, certification and training Assessment and ISO certification > ISO certification and others eg: IATF, FSSC Auditing and verification > Supplier audits, custom audits and internal audits Product testing and certification > BSI Kitemark, CE marking and verification, Market access solutions Validate BSI-issued certificates > Check company, site and product certificates
Training courses > Individual, group and company-wide training Medical devices services > CE marking for medical devices, MDR and IVDR, quality management for medical devices Compliance software and solutions > Software tools and solutions for governance, cyber security, risk and supply chain management
Consulting practices Cybersecurity and information resilience > Standards Consulting > Management advisory service Supply chain management > View all BSI services >
Industry reports, research and news COVID-19 > Digital construction > BIM, smart cities and connected assets Future of mobility > Global market access > Health, safety and wellbeing >
Information security > Cybersecurity, privacy (GDPR) and compliance Innovation > Internet of things (IoT) > Organizational resilience > Sustainability > - Circular economy > - Net zero > View all topics >
Blogs Built Environment > Cybersecurity and information resilience > Food Industry > Medical devices > Small Business > View all blogs >
About BSI > BSI impartiality > Our accreditation > Our clients and partners > Our financial information >
Our governance > Our legal information > Our purpose, mission and vision > Our Royal Charter > UK National Standards body > The global role of BSI as the national standards body
Careers > Events and webinars > Media centre > Sustainability > Modern slavery statement Contact us >
Security technology solutions > We partner with leading cloud security vendors Security testing > Vulnerability Assessment, Penetration Testing, Attack Simulation Third party security and risk assessment > Implement a robust information risk management framework
Virtual CISO > Find the right vCISO Business continuity consulting services > Make your business resilient to an ever changing and challenging world Incident management > Respond instantly to a data breach View all our cybersecurity services >
Data protection ( GDPR ) > Achieving and maintaining compliance with GDPR eDiscovery and Digital forensics > Understand and take control of your data Data subject requests (DSAR) support > Simplify, automate and reduce your response time for DSARs
DPO as a service > Quickly access to specialized, skilled and experienced consultants Article 27 Representation > Ensure your organization meets GDPR compliance obligations Data Protection Impact Assessment (DPIA) support > Minimize privacy and security risk View all our privacy and data protection solutions >
Certified information security courses > Get the skills you need to build resilience around information security management End user awareness and phishing simulations > Robust and compliant training courses
Social engineering > Recognize and avoid social engineering scams Online interactive solutions > Privacy and compliance education solutions View all our training courses >
PCI DSS > Discover our range of PCI DSS consultancy services Network and Information Systems Directive (NIS) > Achieve NIS compliance ISO/IEC 27001 consulting services > Identify and prioritize key risks across the organization
Cyber Lab (CAS, CPA, CTAS) > Carry out assessments against recognized NCSC schemes SOC 2 > Identify all services and solutions to be considered in-scope for the SOC report Internet of Things (IOT) > Enabling a smart and secure world View all our compliance services >
Fundamentals of Web Application Defence training course Our one-day Fundamentals of Web Application Defence training course is a great opportunity for you to look at web applications through the eyes of the hacker. You'll learn about insecurities, vulnerabilities and exploits that lay within web applications and how to use secure design and development best practices to eliminate these risks. This course will give you the confidence to reduce the risk of web applications for your business. Who should attend? Those responsible for developing, managing, testing or maintaining web based applications, or anyone with an interest in ensuring the security of their web presence, such as: Web application developers Compliance officers Technical managers Information security team members IT Managers Team leaders What will I learn? Web application security Authentication Session management Authorization Data validation Information disclosure Code injection Cross site scripting Path traversal OWA SP Top 10 Threat modelling Security methodology How will I benefit? Gain an understanding of the best practices for web application defence Get the opportunity to sample our vulnerable web application – helping you put the theory into practice Gain insight into the insecurities, vulnerabilities and exploits that lay within your web applications Confidently identify and eliminate these new risks before they result in damage to the organization What's included? Comprehensive course materials Penetration testing toolkit Access to a vulnerable web application Certificate of attendance Lunch Refreshments