OWASP Top 10: #7 XSS and #8 Insecure Deserialization
Offered By: LinkedIn Learning
Course Description
Overview
Prepare for the seventh and eighth most common vulnerabilities on the 2021 OWASP Top 10 List: identity and authentication failures, and software and data integrity failures.
Syllabus
Introduction
- OWASP Top 10
- OWASP Top 10 series
- What are identification and authentication failures?
- Example 1: Pwned Passwords
- Example 2: 2021 Verkada data breach
- Prevention technique: Check for weak passwords
- Prevention technique: Use multi-factor authentication
- Prevention technique: Log and limit repeated login attempts
- What are software and data integrity failures?
- Example 1: SolarWinds software supply chain attack
- Example 2: 2021 Codecov bash uploader compromise
- Prevention technique: Use digital signatures
- Prevention technique: Ensure repositories are trustworthy
- Prevention technique: Review code and configuration changes
- OWASP Top 10 keep learning
Taught by
Caroline Wong
Related Courses
- Web Security Academy Learning Path (PortSwigger via Independent)
- Advanced Cyber Security Training: OWASP Top 10 and Web Application Fundamentals (EC-Council via FutureLearn)
- Protecting Against XML External Entity and Deserialization Attacks in ASP.NET and ASP.NET Core (Pluralsight)
- Specialized Testing: Deserialization (Pluralsight)
- Previous OWASP Risks (Infosec via Coursera)