Advanced Cyber Security Training: OWASP Top 10 and Web Application Fundamentals

Offered By: EC-Council via FutureLearn

Tags

  • Cybersecurity Courses
  • Cross-Site Scripting (XSS) Courses
  • Web Application Security Courses
  • OWASP Top 10 Courses
  • Broken Access Control Courses
  • Broken Authentication Courses
  • Insecure Deserialization Courses

Course Description

Overview

Examine the importance of software security and risks to web applications

It can be difficult to fully understand software vulnerabilities if you only read about them, which is why this 2-week course allows you to take a practical approach to software security.

On this course, you’ll develop your understanding of the most critical risks to web application security and learn first-hand how to exploit these vulnerabilities.

This practice-orientated course will help you become more security aware and teach you how to avoid these weaknesses in your own applications.

Understand the OWASP Top 10 and how to use them to minimise risk

The OWASP Top 10 is a standard awareness document about the largest risks to web applications. You’ll begin by reviewing and discussing each risk and learn how to exploit them to see the vulnerability in action.

You’ll learn how to use a deliberately vulnerable web application where you will exploit at least ten vulnerabilities. You’ll be able to identify and mitigate these critical security risks by reviewing vulnerable source code and learning how to fix it.

Learn the common exploitation techniques used to test software security

By putting into practice the common exploitation techniques used to test software security, you’ll gain a full understanding of the impacts of security breaches. This includes XXE (XML External Entities), XSS (Cross-Site Scripting) and Insecure Deserialization.

You’ll also examine the various threat agents to your software security and how to prevent them from conducting damaging activities.

By the end of the course, you’ll be comfortable increasing security in your organisation and the Software Development Lifecycle (SDLC).

This course is designed for anyone interested in software security. You should be familiar with using a web browser and have prior knowledge of the HTTP protocol, HTML and JavaScript.

You should also have a computer that is capable of running VirtualBox.


Syllabus

  • Getting Started with OWASP
    • Welcome to OWASP Top 10 and Web Applications Fundamentals
    • World Wide Web Fundamentals
    • Injection Flaws
    • Broken Authentication
    • Week 1 Summary
  • How to Address Suspicious Internet Activity
    • Welcome to Week 2
    • Sensitive Data Exposure
    • XML External Entities (XXE)
    • Broken Access Control
    • Security Misconfiguration
    • Week 2 Summary
  • XSS, Deserialized Data Attacks, Further Known Vulnerabilities, and How You Can Protect Your System Overall
    • Welcome to Week 3!
    • Cross-site Scripting (XSS)
    • Insecure Deserialization
    • Using Components with Known Vulnerabilities
    • Insufficient Logging and Monitoring
    • Week 3 Summary

Taught by

EC-Council Educator Team

Related Courses

  • Writing Secure Code in ASP.NET (Packt via Coursera)
  • Cybersécurité : comment sécuriser un site web (Institut Mines-Télécom via Coursera)
  • Cross-Site Scripting (Cybrary)
  • Identifying Web Attacks Through Logs (Cybrary)
  • OWASP Top 10 - A03:2021 - Injection (Cybrary)