OWASP Top 10: #3 Sensitive Data Exposure and #4 External Entities (XXE)
Offered By: LinkedIn Learning
Course Description
Overview
Get an overview of the #3 and #4 top software vulnerabilities—injection and insecure design—described in the 2021 OWASP Top 10.
Syllabus
Introduction
- 2021 OWASP Top 10
- What you should know
- What is injection?
- Example #1: 2008 Heartland data breach
- Example #2: 2020 Accellion data breach
- Prevention technique #1: Prepared statements
- Prevention technique #2: Input validation
- Prevention technique #3: Escape special characters
- What is insecure design?
- Real-world example #1: G Suite accounts in 2018
- Real-world example #2: 2021 manufacturing data risk report
- Prevention technique #1: Threat modeling
- Prevention technique #2: Secure design patterns and principles
- Prevention technique #3: Secure development lifecycle
- Next steps
Taught by
Caroline Wong
Related Courses
Software as a ServiceUniversity of California, Berkeley via Coursera Intro to Computer Science
University of Virginia via Udacity Web Development
Udacity Software Engineering for SaaS
University of California, Berkeley via Coursera CS50's Introduction to Computer Science
Harvard University via edX