OWASP Top 10: #3 Sensitive Data Exposure and #4 External Entities (XXE)

Offered By: LinkedIn Learning

Tags

XML External Entity (XXE) Injection Courses Web Development Courses Cybersecurity Courses Encryption Courses Software Security Courses Input Validation Courses

Course Description

Overview

Get an overview of the #3 and #4 top software vulnerabilities—injection and insecure design—described in the 2021 OWASP Top 10.

Syllabus

Introduction

2021 OWASP Top 10
What you should know

1. Injection

What is injection?
Example #1: 2008 Heartland data breach
Example #2: 2020 Accellion data breach
Prevention technique #1: Prepared statements
Prevention technique #2: Input validation
Prevention technique #3: Escape special characters

2. Insecure Design

What is insecure design?
Real-world example #1: G Suite accounts in 2018
Real-world example #2: 2021 manufacturing data risk report
Prevention technique #1: Threat modeling
Prevention technique #2: Secure design patterns and principles
Prevention technique #3: Secure development lifecycle

Conclusion

Next steps

Taught by

Caroline Wong

Related Courses

Hacking and Patching
University of Colorado System via Coursera Build a Relative Layout App in Android Studio
Coursera Project Network via Coursera Secure Software Development: Implementation
Linux Foundation via edX Building a RESTful API with ASP.NET Core 3
Pluralsight Programming Foundations: Secure Coding
LinkedIn Learning