Secure Your Code - Injections and Logging
Offered By: Pluralsight
Course Description
Overview
This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: Injections and insufficient logging & monitoring.
Security is a hard problem, especially when you are only running, not writing, an application. This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: 1. Injections (A1:2017): We are using a simple application exploitable by injection and will then secure it with the Web Application Firewall (WAF) ModSecurity. 2. Insufficient Logging & Monitoring (A10:2017): We are logging and monitoring both the secured and the unsecured application with the Elastic Stack.
Security is a hard problem, especially when you are only running, not writing, an application. This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: 1. Injections (A1:2017): We are using a simple application exploitable by injection and will then secure it with the Web Application Firewall (WAF) ModSecurity. 2. Insufficient Logging & Monitoring (A10:2017): We are logging and monitoring both the secured and the unsecured application with the Elastic Stack.
Taught by
DevSecCon
Related Courses
Processing and Visualizing Logs With Elastic StackCoursera Project Network via Coursera Deploying Network Configuration Management and Telemetry Solutions
Pluralsight Installing the Elastic Stack
Pluralsight Beginner's Crash Course to Elasticsearch and Kibana
YouTube Elastic Search
YouTube