OWASP Top Ten Proactive Controls

Offered By: LASCON via YouTube

Course Description

Overview

Explore a comprehensive conference talk on the OWASP Top Ten Proactive Controls, delivered by Jim Manico at LASCON in 2013. Dive into fundamental security controls for software development, covering critical categories like Authentication, Access Control, Validation, Encoding, Query Parameterization, and Data Protection. Learn about secure requirements, architecture, and design principles essential for building robust applications. Gain insights on specific topics such as Apache Shiro, Role-Based Access Control, password defense strategies, multifactor authentication, and secure file upload techniques. Discover best practices for preventing cross-site scripting, implementing HTML encoding and sanitization, and utilizing cryptographic storage methods. This 50-minute developer track session provides valuable knowledge for architects and developers committed to incorporating essential security measures in every software project.

Syllabus

Introduction
Apache Shiro
Role-Based Access Control
Password Defense
Credential Specific Salt
Use an HSM
Use Bcrypt
Multifactor
Access Control
Query Parameterization
Ruby on Rails
ColdFusion
Encoding
Cross-site scripting
HTML encoding
HTML input
OAuth HTML sanitizer
Other HTML sanitizers
File upload security
Certificate pinning
Cryptographic storage
Detection
Radio Button


Taught by

LASCON
