LAB 315 - ATT&CK: Updating Vulnerable Java Web Application Server Software

Course Details

Course Number: LAB 315

Course Duration: 12 minutes

Course CPE Credits: 0.24

NICE Specialty Areas

Risk Management (RSK)
Securely Provision (SP)
Software Development (DEV)

Related Subject Matter

Java
MITRE ATT&CK
OWASP ASVS
OWASP Web
Skill Labs
Web

Foreign Languages Available:

English

Course Overview

This lab simulates a Cross-Site Scripting (XSS) vulnerability found in the AccountAll Cyber Range. The challenge includes an HR Back Office System that fails to implement the security principle of “Establish Secure Defaults”.

Leveraging a virtual machine, participants will apply ATT&CK Mitigation “M1051 Update Software” to fix the vulnerable Java Web Application Server Software.

Ready to Demo this course? Questions? Contact Us!