OWASP Top Ten Proactive Controls
Offered By: LASCON via YouTube
Course Description
Overview
Explore a comprehensive conference talk on the OWASP Top Ten Proactive Controls, delivered by Jim Manico at LASCON in 2013. Dive into fundamental security controls for software development, covering critical categories like Authentication, Access Control, Validation, Encoding, Query Parameterization, and Data Protection. Learn about secure requirements, architecture, and design principles essential for building robust applications. Gain insights on specific topics such as Apache Shiro, Role-Based Access Control, password defense strategies, multifactor authentication, and secure file upload techniques. Discover best practices for preventing cross-site scripting, implementing HTML encoding and sanitization, and utilizing cryptographic storage methods. This 50-minute developer track session provides valuable knowledge for architects and developers committed to incorporating essential security measures in every software project.
Syllabus
Introduction
Apache Shiro
Role-Based Access Control
Password Defense
Credential Specific Salt
Use an HSM
Use Bcrypt
Multifactor
Access Control
Query Parameterization
Ruby on Rails
Cold Fusion
Encoding
Cross-site scripting
HTML encoding
HTML input
OAuth HTML sanitizer
Other HTML sanitizers
File upload security
Certificate pinning
Cryptographic storage
Detection
Radio Button
Taught by
LASCON
Related Courses
Cryptography II (Stanford University via Coursera)
Microsoft Enterprise Mobility Suite (Microsoft via edX)
Social Media - What No One has Told You about Privacy (openHPI)
Windows 10 Features for a Mobile Workforce: Identity Management and Data Access (Microsoft via edX)
Health Professional Teaching Skills – Level 3 - Professionalism (University of Toronto via edX)