YoVDO

OWASP Top 10: #3 Sensitive Data Exposure and #4 External Entities (XXE)

Offered By: LinkedIn Learning

Tags

  • XML External Entity (XXE) Injection Courses
  • Web Development Courses
  • Cybersecurity Courses
  • Encryption Courses
  • Software Security Courses
  • Input Validation Courses

Course Description

Overview

Get an overview of the #3 and #4 top software vulnerabilities—injection and insecure design—described in the 2021 OWASP Top 10.

Syllabus

Introduction
  • 2021 OWASP Top 10
  • What you should know
1. Injection
  • What is injection?
  • Example #1: 2008 Heartland data breach
  • Example #2: 2020 Accellion data breach
  • Prevention technique #1: Prepared statements
  • Prevention technique #2: Input validation
  • Prevention technique #3: Escape special characters
2. Insecure Design
  • What is insecure design?
  • Real-world example #1: G Suite accounts in 2018
  • Real-world example #2: 2021 manufacturing data risk report
  • Prevention technique #1: Threat modeling
  • Prevention technique #2: Secure design patterns and principles
  • Prevention technique #3: Secure development lifecycle
Conclusion
  • Next steps

Taught by

Caroline Wong

Related Courses

  • Systems & Network Security: Chaffey College via California Community Colleges System
  • Software Security for Web Applications: Codio via Coursera
  • Web Technologies and Security: Codio via Coursera
  • Physical and Advanced Side-Channel Attacks: Graz University of Technology via edX
  • Cache Side-Channel Attacks and Mitigations: Graz University of Technology via edX