YoVDO

OWASP Top 10: #9 Components with Known Vulnerabilities and #10 Insufficient Logging and Monitoring

Offered By: LinkedIn Learning

Tags

Cybersecurity Courses, Network Security Courses, Incident Response Courses, Application Security Courses, Data Breaches Courses, OWASP Top 10 Courses

Course Description

Overview

Prepare for the ninth and tenth most common vulnerabilities on the 2021 OWASP Top 10 List: security logging and monitoring failures and server-side request forgery.

Syllabus

Introduction
  • 2021 OWASP Top 10
  • OWASP Top 10 series
1. Security Monitoring and Logging Failures
  • What are security monitoring and logging failures?
  • Example 1: 2018 Starwood data breach
  • Example 2: 2021 South Georgia Medical Center insider threat
  • Prevention technique: Ensure logging includes sufficient user context
  • Prevention technique: Ensure monitoring and alerting are active and consistent
  • Prevention technique: Establish an incident response and recovery plan
2. Server-Side Request Forgery
  • What is Server-Side Request Forgery (SSRF)?
  • Example 1: 2019 Capital One breach
  • Example 2: 2017 GitHub Enterprise chained exploits
  • Prevention technique: Network layer prevention techniques
  • Prevention technique: Application layer
  • Prevention technique: Require authentication for internal services
Conclusion
  • Explore more of the OWASP Top 10

Taught by

Caroline Wong
