Description
Overview
About this Course
- 07:09:00 Hours
- 12 Months Access
- Presented by highly qualified, industry leading experts
In this series, Justin and Daniel explore the 2017 edition of the OWASP Top Ten Vulnerabilities. For each vulnerability, a scenario and application is created that demonstrates the vulnerability at hand, Daniel demonstrates and explains exploiting the vulnerability, Justin shows fixing the vulnerability, then take time to discuss how that vulnerability may manifest in different ways. If you are looking to get a foundation in web application security, then join Justin and Daniel for the OWASP Top Ten.
Course Details
Objectives
- Explore the role of security in the software development life cycle and how best to create secure applications.
- Recognize how software security defects are exploited.
- Explore discovery methods for critical security issues.
Audience
This course for who learn OWASP and primarily written for developers. However, development managers, product owners, Q/A professionals, program managers.
Course Outline
OWASP TOP 10 – 2017
- Overview
- A1 Injection: Exploit
- A1 Injection: Mitigate
- A1 Injection: Breakdown
- A2 Broken Auth: Exploit
- A2 Broken Auth: Mitigate
- A2 Broken Auth: Breakdown
- A3 Sensitive Data Exposure: Exploit
- A3 Sensitive Data Exposure: Mitigate
- A3 Sensitive Data Exposure: Breakdown
- A4 XML External Entities: Exploit
- A4 XML External Entities: Mitigate
- A4 XML External Entities: Breakdown
- A5 Broken Access Control: Exploit
- A5 Broken Access Control: Mitigate
- A5 Broken Access Control: Breakdown
- A6 Security Misconfiguration: Exploit
- A6 Security Misconfiguration: Mitigate
- A6 Security Misconfiguration: Breakdown
- A7 Cross-Site Scripting (XSS): Exploit
- A7 Cross-Site Scripting (XSS): Mitigate
- A7 Cross-Site Scripting: Breakdown
- A8 Insecure Deserialization: Exploit
- A8 Insecure Deserialization: Mitigate
- A8 Insecure Deserialization: Breakdown
- A9 Components W/ Known Vulnerabilities: Exploit
- A9 Components W/ Known Vulnerabilities: Mitigate
- A9 Using Components Known Vulnerability Breakdown
- A10 Insufficient Logging And Monitoring