OWASP Top 10: #3 Sensitive Data Exposure and #4 External Entities (XXE)
Offered By: LinkedIn Learning
Course Description
Overview
Get an overview of the #3 and #4 top software vulnerabilities—injection and insecure design—described in the 2021 OWASP Top 10.
Syllabus
Introduction
- 2021 OWASP Top 10
- What you should know
- What is injection?
- Example #1: 2008 Heartland data breach
- Example #2: 2020 Accellion data breach
- Prevention technique #1: Prepared statements
- Prevention technique #2: Input validation
- Prevention technique #3: Escape special characters
- What is insecure design?
- Real-world example #1: G Suite accounts in 2018
- Real-world example #2: 2021 manufacturing data risk report
- Prevention technique #1: Threat modeling
- Prevention technique #2: Secure design patterns and principles
- Prevention technique #3: Secure development lifecycle
- Next steps
Taught by
Caroline Wong
Related Courses
Internet History, Technology, and SecurityUniversity of Michigan via Coursera Sicherheit im Internet
openHPI أساسيات التشفير
Rwaq (رواق) Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera