Web Vulnerability Assessment for Beginners (Critical Information and Communication Infrastructure)

Take the ISMS web diagnosis lecture and try diagnosing web vulnerabilities!

📣 Please note before taking the course!
• The lecture volume was recorded at a low level. Please check the [Preview] of the lecture before enrolling.
• This course provides  logic and report writing guides for web vulnerability assessment and vulnerabilities.

💻 Course Introduction

This course is a lecture on diagnosing and writing reports for applications (URLs) among the infrastructure and applications that are assessed during the annual vulnerability assessment.

The course covers web vulnerability assessment, which is the most essential skill for getting a job in the security industry. To assist students, please note that we also provide a guide on the logic of web vulnerability assessment and how to write reports!

🗒 What is ISMS certification?

ISMS certification is an abbreviation for Information Security Management System certification, and it is a system where a nationally accredited certification body evaluates and guarantees that the important information of companies, individuals, and industries is being managed securely.

Furthermore, as it is a mandatory certification for businesses included as mandatory targets (Article 47, Paragraph 2 of the Network Act) according to Article 47 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (Network Act) and Articles 47 to 54 of the Enforcement Decree, its importance is steadily increasing.

(Source: Korea Internet & Security Agency website)

🧑 Recommended Audience

✅ Managers who need to prepare for ISMS but do not know how to perform web vulnerability assessments
✅ Job seekers dreaming of becoming a consultant

🙌 Tools covered here

• BurpSuite (Can be replaced with Paros or Fiddler)
• CookieEdit(Chrome)
• FalconProxy(Chrome)
• WireShark

🙋🏻‍♂️ Expected questions regarding the lecture

Q. Can non-majors take this course?
A. Of course, I am also from a non-major background.

Q. Can I perform ISMS web assessments after taking this course?
A. Of course. I also provide the logic and report writing guides for it.
Additionally, I will help you save as much time as possible by explaining frequently occurring vulnerabilities in great detail.
* However, please note that assessment results also depend heavily on the assessor's intuition.

Q. Can I get a job as a consultant after learning this?
A. This is a bit of a gray area. While a foundation in technical assessment is important for landing a consulting job, and web vulnerability assessment is the most frequently checked area during technical interviews, web vulnerability assessment should be viewed as just one part of the role, as logic is the most critical factor for a consultant and must be supported by corresponding knowledge.