YoVDO

Programming Foundations: Web Security

Offered By: LinkedIn Learning

Tags

Web Security Courses Cybersecurity Courses SQL Injection Courses Input Validation Courses Password Security Courses Session Hijacking Courses

Course Description

Overview

Learn about the most important security concerns that you’ll need to address when developing websites, and what you can do to keep your servers, software, and data safe from harm.

Syllabus

Introduction
  • The importance of security
1. Security Overview
  • What is security?
  • Why security matters
  • What is a hacker?
  • Threat models
  • Total security is unachievable
2. General Security Principles
  • Least privilege
  • Simple is more secure
  • Never trust users
  • Expect the unexpected
  • Defense in depth
  • Resilience
  • Security through obscurity
  • Deny-listing and allow-listing
  • Map exposure points and data passageways
3. Filter Input, Control Output
  • Regulate requests
  • Validate input
  • Sanitize data
  • Label variables
  • Keep code private
  • Keep credentials private
  • Keep error messages vague
  • Smart logging
4. The Most Common Attacks
  • Types of credential attacks
  • Strong passwords
  • URL manipulation and Insecure Direct Object Reference (IDOR)
  • SQL injection
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Request protections
  • Cookie visibility and theft
  • Session hijacking
  • Session fixation
  • Remote system execution
  • File upload abuse
  • Denial of service
Conclusion
  • Next steps

Taught by

Kevin Skoglund

Related Courses

Security Principles
(ISC)² via Coursera A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera FinTech for Finance and Business Leaders
ACCA via edX Access Control Concepts
(ISC)² via Coursera Access Controls
(ISC)² via Coursera