YoVDO

OWASP Top 10: #1 Injection and #2 Broken Authentication

Offered By: LinkedIn Learning

Tags

OWASP Top 10 Courses, Web Security Courses, Data Classification Courses, Injection Attacks Courses, Key Management Courses, Broken Access Control Courses, Least Privilege Courses

Course Description

Overview

Learn about broken access control and cryptographic failures, the first two security vulnerabilities listed on the 2021 OWASP Top 10.

Syllabus

Introduction
  • OWASP Top 10
1. Broken Access Control
  • What is broken access control?
  • Example 1: 2021 Facebook broken access control vulnerability
  • Example 2: 2021 personal data travel breach
  • Prevention techniques: Least privilege
  • Prevention techniques: Record ownership and logging
  • Prevention techniques: Functional access control testing
2. Cryptographic Failure
  • What is cryptographic failure?
  • Example 1: 2021 GoDaddy plaintext passwords
  • Example 2: Using a broken or risky cryptographic algorithm
  • Prevention techniques: Data classification
  • Prevention techniques: Proper key management
  • Prevention techniques: Secure protocols
Conclusion
  • OWASP Top 10 keep learning

Taught by

Caroline Wong

Related Courses

Big Data - Capstone Project
University of California, San Diego via Coursera
Advanced Machine Learning
ITMO University via edX
Secure Software Requirements for CSSLP®
Pluralsight
Information Systems Asset Protection: Asset Security
Pluralsight
Configuring Data Security Policies in Microsoft Azure
Pluralsight