YoVDO

OWASP Top 10: #7 XSS and #8 Insecure Deserialization

Offered By: LinkedIn Learning

Tags

Cross-Site Scripting (XSS) Courses Web Application Security Courses Content Security Policy Courses Insecure Deserialization Courses

Course Description

Overview

Prepare for the seventh and eighth most common vulnerabilities on the 2021 OWASP Top 10 List: identity and authentication failures, and software and data integrity failures.

Syllabus

Introduction
  • OWASP Top 10
  • OWASP Top 10 series
1. Identification and Authentication Failures
  • What are identification and authentication failures?
  • Example 1: Pwned Passwords
  • Example 2: 2021 Verkada data breach
  • Prevention technique: Check for weak passwords
  • Prevention technique: Use multi-factor authentication
  • Prevention technique: Log and limit repeated login attempts
2. Software and Data Integrity Failures
  • What are software and data integrity failures?
  • Example 1: Solar Winds software supply chain attack
  • Example 2: 2021 Codecov bash uploader compromise
  • Prevention technique: Use digital signatures
  • Prevention technique: Ensure repositories are trustworthy
  • Prevention technique: Review code and configuration changes
Conclusion
  • OWASP Top 10 keep learning

Taught by

Caroline Wong

Related Courses

Advanced Cyber Security Training: OWASP Top 10 and Web Application Fundamentals
EC-Council via FutureLearn An Introduction to OWASP Top 10 Vulnerabilities
Udemy Protecting Against XML External Entity and Deserialization Attacks in ASP.NET and ASP.NET Core
Pluralsight Previous OWASP Risks
Infosec via Coursera Web Security Academy Learning Path
PortSwigger via Independent