YoVDO

OWASP Top 10: #7 XSS and #8 Insecure Deserialization

Offered By: LinkedIn Learning

Tags

Cross-Site Scripting (XSS) Courses Web Application Security Courses Content Security Policy Courses Insecure Deserialization Courses

Course Description

Overview

Prepare for the seventh and eighth most common vulnerabilities on the 2021 OWASP Top 10 List: identity and authentication failures, and software and data integrity failures.

Syllabus

Introduction
  • OWASP Top 10
  • OWASP Top 10 series
1. Identification and Authentication Failures
  • What are identification and authentication failures?
  • Example 1: Pwned Passwords
  • Example 2: 2021 Verkada data breach
  • Prevention technique: Check for weak passwords
  • Prevention technique: Use multi-factor authentication
  • Prevention technique: Log and limit repeated login attempts
2. Software and Data Integrity Failures
  • What are software and data integrity failures?
  • Example 1: Solar Winds software supply chain attack
  • Example 2: 2021 Codecov bash uploader compromise
  • Prevention technique: Use digital signatures
  • Prevention technique: Ensure repositories are trustworthy
  • Prevention technique: Review code and configuration changes
Conclusion
  • OWASP Top 10 keep learning

Taught by

Caroline Wong

Related Courses

Configuring Security Headers in ASP.NET and ASP.NET Core Applications
Pluralsight Modern Browser Security Reports
Pluralsight PHP Web Application Security
Pluralsight Magento 2 Quick Tips
YouTube Web Security: Same-Origin Policies
LinkedIn Learning