YoVDO

OWASP Top 10: #7 XSS and #8 Insecure Deserialization

Offered By: LinkedIn Learning

Tags

  • Cross-Site Scripting (XSS) Courses
  • Web Application Security Courses
  • Content Security Policy Courses
  • Insecure Deserialization Courses

Course Description

Overview

Prepare for the seventh and eighth most common vulnerabilities on the 2021 OWASP Top 10 List: identity and authentication failures, and software and data integrity failures.

Syllabus

Introduction
  • OWASP Top 10
  • OWASP Top 10 series
1. Identification and Authentication Failures
  • What are identification and authentication failures?
  • Example 1: Pwned Passwords
  • Example 2: 2021 Verkada data breach
  • Prevention technique: Check for weak passwords
  • Prevention technique: Use multi-factor authentication
  • Prevention technique: Log and limit repeated login attempts
2. Software and Data Integrity Failures
  • What are software and data integrity failures?
  • Example 1: SolarWinds software supply chain attack
  • Example 2: 2021 Codecov bash uploader compromise
  • Prevention technique: Use digital signatures
  • Prevention technique: Ensure repositories are trustworthy
  • Prevention technique: Review code and configuration changes
Conclusion
  • OWASP Top 10 keep learning

Taught by

Caroline Wong

Related Courses

  • Authentication & Authorization: OAuth (Udacity)
  • Desarrollo de Aplicaciones Web: Seguridad (University of New Mexico via Coursera)
  • Web Application Development: Security (University of New Mexico via Coursera)
  • Hacking and Patching (University of Colorado System via Coursera)
  • Fundamentals of Computer Network Security (University of Colorado System via Coursera)