Advanced Cyber Security Training: OWASP Top 10 and Web Application Fundamentals
Offered By: EC-Council via FutureLearn
Course Description
Overview
Examine the importance of software security and risks to web applications
It can be difficult to fully understand software vulnerabilities if you only read about them, which is why this 2-week course allows you to take a practical approach to software security.
On this course, you’ll develop your understanding of the most critical risks to web application security and learn first-hand how to exploit these vulnerabilities.
This practice-orientated course will help you become more security aware and teach you how to avoid these weaknesses in your own applications.
Understand the OWASP Top 10 and how to use them to minimise risk
The OWASP Top 10 is a standard awareness document about the largest risks to web applications. You’ll begin by reviewing and discussing each risk and learn how to exploit them to see the vulnerability in action.
You’ll learn how to use a deliberately vulnerable web application where you will exploit at least ten vulnerabilities.You’ll be able to identify and mitigate these critical security risks by reviewing vulnerable source code and learning how to fix it.
Learn the common exploitation techniques used to test software security
By putting into practice the common exploitation techniques used to test software security, you’ll gain a full understanding of the impacts of security breaches. This includes XXE (XML External Entities), XSS (Cross-Site Scripting) and Insecure Deserialization.
You’ll also examine the various threat agents to your software security and how to prevent them from conducting damaging activities.
By the end of the course, you’ll be comfortable increasing security in your organisation and the Software Development Lifecycle (SDLC).
This course is designed for anyone interested in software security. You should be familiar using the web browser and have prior knowledge about the HTTP protocol, HTML and JavaScript.
You should also have a computer that is capable of running VirtualBox.
Syllabus
- Getting Started with OWASP
- Welcome to OWASP Top 10 and Web Applications Fundamentals
- World Wide Web Fundamentals
- Injection Flaws
- Broken Authentication
- Week 1 Summary
- How to Address Suspicious Internet Activity
- Welcome to Week 2
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access Control
- Security Misconfiguration
- Week 2 Summary
- XSS, Deserialized Data Attacks, Further Known Vulnerabilities, and How You Can Protect Your System Overall
- Welcome to Week 3!
- Cross-site Scripting (XSS)
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging and Monitoring
- Week 3 Summary
Taught by
EC-Council Educator Team
Related Courses
Writing Secure Code in ASP.NETPackt via Coursera Cybersécurité : comment sécuriser un site web
Institut Mines-Télécom via Coursera Cross-Site Scripting
Cybrary Identifying Web Attacks Through Logs
Cybrary OWASP Top 10 - A03:2021 - Injection
Cybrary