Erm0rpssrecvxvztudgh si teachable course image

Unraveling the Web Services Mystery

Explore testing techniques and tools for SOAP-based and RESTFul Web Services

Web services have been a cornerstone in the architecture of enterprise and startup solutions for many years. However, testing the security of web services is still considered a daunting and obscure task for many penetration testers. On the other side of the coin, full knowledge of how to properly secure web services is sporadic in the development community. In this two-hour session the instructor aims to to fill this knowledge gap by first defining and explaining web services and then walking through best practices for both testing and securing them. By the end of the session students should have a good understanding of the difference between SOAP-based and RESTful web services. Students will also understand common attack vectors, which testing tools to use, and best practices for securing web services against these attacks.


Your Instructor


Jason Gillam
Jason Gillam

Jason Gillam is a Principal Security Consultant with Secure Ideas. He has over 15 years of industry experience in enterprise software solutions, system architecture, and application security. Jason has spent most of his career in technical leadership roles ranging from startups to fortune 100 companies and has learned the business acumen necessary to advise everyone from developers to senior executives on security and architecture.

Jason co-built and managed an award-winning ethical hacking program at one of the world's largest financial institutions. He also provided numerous application security training and awareness briefings to a large internal technical audience and led the development of best practices code and documentation for the the same. Jason is especially passionate about integration of security best practices with the SDLC.

Jason holds his GIAC Web-Application Tester certification. He has spoken at several events including the Charlotte-Metro ISSA Summit, multiple BSides events, Hackfest (Canada), and the UNC Charlotte Cyber Symposium. He is also the author of several Burp extensions including CO2 and correlator, and an active contributor to other open-source projects including MobiSec, SamuraiWTF, and Laudanum.


Class Curriculum


  Unraveling Web Services
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

Get started now!