OWASP Top 10: #9 Components with Known Vulnerabilities and #10 Insufficient Logging and Monitoring

Offered By: LinkedIn Learning

Tags

Cybersecurity Courses, Network Security Courses, Incident Response Courses, Application Security Courses, Data Breaches Courses, OWASP Top 10 Courses

Course Description

Overview

Prepare for the ninth and tenth most common vulnerabilities on the 2021 OWASP Top 10 List: security logging and monitoring failures and server-side request forgery.

Syllabus

Introduction
  • 2021 OWASP Top 10
  • OWASP Top 10 series
1. Security Monitoring and Logging Failures
  • What are security monitoring and logging failures?
  • Example 1: 2018 Starwood data breach
  • Example 2: 2021 South Georgia Medical Center insider threat
  • Prevention technique: Ensure logging includes sufficient user context
  • Prevention technique: Ensure monitoring and alerting are active and consistent
  • Prevention technique: Establish an incident response and recovery plan
2. Server-Side Request Forgery
  • What is Server-Side Request Forgery (SSRF)?
  • Example 1: 2019 Capital One breach
  • Example 2: 2017 GitHub Enterprise chained exploits
  • Prevention technique: Network layer prevention techniques
  • Prevention technique: Application layer
  • Prevention technique: Require authentication for internal services
Conclusion
  • Explore more of the OWASP Top 10

Taught by

Caroline Wong
