YoVDO

OWASP Top 10: #9 Components with Known Vulnerabilities and #10 Insufficient Logging and Monitoring

Offered By: LinkedIn Learning

Tags

Cybersecurity Courses Network Security Courses Incident Response Courses Application Security Courses Data Breaches Courses OWASP Top 10 Courses

Course Description

Overview

Prepare for the ninth and tenth most common vulnerabilities on the 2021 OWASP Top 10 List: security logging and monitoring failures and server-side request forgery.

Syllabus

Introduction
  • 2021 OWASP Top 10
  • OWASP Top 10 series
1. Security Monitoring and Logging Failures
  • What are security monitoring and logging failures?
  • Example 1: 2018 Starwood data breach
  • Example 2: 2021 South Georgia Medical Center insider threat
  • Prevention technique: Ensure logging includes sufficient user context
  • Prevention technique: Ensure monitoring and alerting are active and consistent
  • Prevention technique: Establish an incident response and recovery plan
2. Server-Side Request Forgery
  • What is Server-Side Request Forgery (SSRF)?
  • Example 1: 2019 Capital One breach
  • Example 2: 2017 GitHub Enterprise chained exploits
  • Prevention technique: Network layer prevention techniques
  • Prevention technique: Application layer
  • Prevention technique: Require authentication for internal services
Conclusion
  • Explore more of the OWASP Top 10

Taught by

Caroline Wong

Related Courses

Cyber Threats and Attack Vectors
University of Colorado System via Coursera Cybersecurity in Healthcare (Hospitals & Care Centres)
Erasmus University Rotterdam via Coursera Information Security Operations Center ISOC for Non-Techies
Udemy Cloud Data Security
University of Minnesota via Coursera Network Security Basics
Pluralsight