YoVDO

OWASP Top 10: #1 Injection and #2 Broken Authentication

Offered By: LinkedIn Learning

Tags

OWASP Top 10 Courses Web Security Courses Data Classification Courses Injection Attacks Courses Key Management Courses Broken Access Control Courses Least Privilege Courses

Course Description

Overview

Learn about broken access control and cryptographic failures, the first two security vulnerabilities listed on the 2021 OWASP Top 10.

Syllabus

Introduction
  • OWASP Top 10
1. Broken Access Control
  • What is broken access control?
  • Example 1: 2021 Facebook broken access control vulnerability
  • Example 2: 2021 personal data travel breach
  • Prevention techniques: Least privilege
  • Prevention techniques: Record ownership and logging
  • Prevention techniques: Functional access control testing
2. Cryptographic Failure
  • What is cryptographic failure?
  • Example 1: 2021 GoDaddy plaintext passwords
  • Example 2: Using a broken or risky cryptographic algorithm
  • Prevention techniques: Data classification
  • Prevention techniques: Proper key management
  • Prevention techniques: Secure protocols
Conclusion
  • OWASP Top 10 keep learning

Taught by

Caroline Wong

Related Courses

Learn Admin Fundamentals in Marketing Cloud
Salesforce via Trailhead Basic Cryptography and Programming with Crypto API
University of Colorado System via Coursera User Authentication & Authorization in Express
Codecademy Introduction to Web Authentication
World Wide Web Consortium (W3C) via edX Web Security Fundamentals
KU Leuven University via edX