OWASP Top 10: #3 Sensitive Data Exposure and #4 External Entities (XXE)

Offered By: LinkedIn Learning

Tags

XML External Entity (XXE) Injection Courses Web Development Courses Cybersecurity Courses Encryption Courses Software Security Courses Input Validation Courses

Course Description

Overview

Get an overview of the #3 and #4 top software vulnerabilities—injection and insecure design—described in the 2021 OWASP Top 10.

Syllabus

Introduction

2021 OWASP Top 10
What you should know

1. Injection

What is injection?
Example #1: 2008 Heartland data breach
Example #2: 2020 Accellion data breach
Prevention technique #1: Prepared statements
Prevention technique #2: Input validation
Prevention technique #3: Escape special characters

2. Insecure Design

What is insecure design?
Real-world example #1: G Suite accounts in 2018
Real-world example #2: 2021 manufacturing data risk report
Prevention technique #1: Threat modeling
Prevention technique #2: Secure design patterns and principles
Prevention technique #3: Secure development lifecycle

Conclusion

Next steps

Taught by

Caroline Wong

Related Courses

Internet History, Technology, and Security
University of Michigan via Coursera Sicherheit im Internet
openHPI أساسيات التشفير
Rwaq (رواق) Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera