YoVDO

OWASP Top 10: #7 XSS and #8 Insecure Deserialization

Offered By: LinkedIn Learning

Tags

  • Cross-Site Scripting (XSS) Courses
  • Web Application Security Courses
  • Content Security Policy Courses
  • Insecure Deserialization Courses

Course Description

Overview

Prepare for the seventh and eighth most common vulnerabilities on the 2021 OWASP Top 10 list: identification and authentication failures, and software and data integrity failures.

Syllabus

Introduction
  • OWASP Top 10
  • OWASP Top 10 series
1. Identification and Authentication Failures
  • What are identification and authentication failures?
  • Example 1: Pwned Passwords
  • Example 2: 2021 Verkada data breach
  • Prevention technique: Check for weak passwords
  • Prevention technique: Use multi-factor authentication
  • Prevention technique: Log and limit repeated login attempts
2. Software and Data Integrity Failures
  • What are software and data integrity failures?
  • Example 1: SolarWinds software supply chain attack
  • Example 2: 2021 Codecov bash uploader compromise
  • Prevention technique: Use digital signatures
  • Prevention technique: Ensure repositories are trustworthy
  • Prevention technique: Review code and configuration changes
Conclusion
  • OWASP Top 10 keep learning

Taught by

Caroline Wong

Related Courses

Writing Secure Code in ASP.NET
Packt via Coursera
Cybersécurité : comment sécuriser un site web
Institut Mines-Télécom via Coursera
Cross-Site Scripting
Cybrary
Identifying Web Attacks Through Logs
Cybrary
OWASP Top 10 - A03:2021 - Injection
Cybrary