YoVDO

From the OWASP Top Ten to the OWASP ASVS

Offered By: NDC Conferences via YouTube

Tags

NDC Conferences Courses Web Development Courses Application Security Courses Secure Software Development Courses API Security Courses OWASP ASVS Courses

Course Description

Overview

Explore a comprehensive conference talk that delves into the limitations of relying solely on the OWASP Top Ten for web application security. Learn why the OWASP Application Security Verification Standard (ASVS) v4.0 provides a more robust framework for defining and implementing secure software. Discover how the ASVS's 180+ requirements offer a nuanced approach to technical security controls for web and API applications, surpassing the basic awareness provided by top ten lists. Gain insights into using the ASVS as a foundation for a thorough Application Security program, covering topics such as architecture, authentication, password storage, session management, input validation, cryptography, data protection, communication security, business logic verification, and REST security.

Syllabus

Introduction
ASVS
The Team
NIST 863
Changes in web development
Common Weakness Enumeration
Standards Worth
Levels of Severity
DevOps
What we removed
Architecture
Authentication
Password Storage
Session Management
Input Validation
Store Cryptography
Data Protection
Communication Security
Business Logic Verification
REST Security


Taught by

NDC Conferences

Related Courses

MongoDB for .NET Developers
MongoDB University Web Application Development – Capstone Course
University of New Mexico via Coursera Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera