In the OWASP Proactive Controls course, students will learn about the OWASP Top 10 Proactive Controls document and the many guidelines it provides to help developers write better and more secure code. In particular, the trainer will provide an overview of the Proactive Controls and then cover all ten security controls. These security controls include testing for security early and often, learning about parameterizing SQL queries, encoding data input that may be parsed as executable code, validating data input, authentication techniques to make sure you know who is using your web applications. Students will also learn about implementing access control to verify what a user is allowed to do in a system, methods of protecting data at rest and in transit, implementing logging and intrusion detection, and finally learn about using existing security frameworks and libraries as well as best practices for error and exception handling.

View Course