ISACA’s New Cybersecurity Resources Include Hands-on Training to Mitigate OWASP Top 10 Vulnerabilities


A new course and labs from ISACA’s Cybersecurity Nexus (CSX) help security professionals gain skills in a live environment

The myriad of risks related to web applications can leave organisations feeling overwhelmed. However, with the Open Web Application Security Project (OWASP) Top 10 list of application security risks, organisations have been able to narrow their focus and dedicate resources to the most pressing vulnerabilities. Now, cybersecurity professionals can take the next step in better understanding these OWASP Top 10 risks—including injection attacks, broken authentication and sensitive data exposure—and how to mitigate them through a new hands-on, skills-based online course offered from ISACA’s Cybersecurity Nexus (CSX).

Through the CSX Immersion: The OWASP Top 10 course, professionals will learn to identify and address all 10 web application vulnerabilities identified by the OWASP Top 10. Its online, self-paced format allows participants the unique opportunity to gain hands-on experience through labs in a live network with real vulnerabilities.

“As professionals go over the intricacies of each vulnerability in these live labs, they will build cybersecurity skills for the real world and become stronger cyber defenders on their teams,” said Frank Downs, ISACA director, cybersecurity practices. “Gaining hands-on experience will provide participants with not only the knowledge, but also the applicable skills, to respond to vulnerabilities in internal technology and data systems within their enterprises.”

Not only will participants gain vital cybersecurity skills, but they will also earn 24 CPE credits toward their professional development by completing the course, which is US$349 for ISACA members and $499 for non-members. For more information and to register, visit

Additionally, CSX has released a new collection of labs covering hot topics across beginner, intermediate and advanced levels, including:

  • Access Management with Windows Server Lab
  • NSA Secure Host Baseline Lab
  • Windows Event Monitor Lab
  • PowerShell Lab
  • Windows Penetration Tests Lab
  • Windows Services – Principal of Least Functionality Lab
  • System Hardening Challenge Lab
  • Fun with Powershell Challenge Lab

Each of these labs provides two CPE credits, and costs US$30 for members, $45 for non-members and $20 for students. More information and registration details can be found at

ISACA’s Cybersecurity Nexus offers resources to help cybersecurity professionals at every level of their careers build the skills and knowledge that they and their organisations are seeking. For more information on CSX guidance, research tools or certificates, visit: