Introducing the ASVS 4.0
Offered By: nullcon via YouTube
Course Description
Overview
Explore the latest updates and changes in the OWASP Application Security Verification Standard 4.0 through this conference talk from nullcon Goa 2019. Learn about new controls, complete renumbering, and how to adapt the ASVS for specific industries or companies. Discover a novel attack technique and gain insights into modern web application security. Delve into topics such as architecture, authentication, session management, access control, cryptography, error handling, data protection, communications security, malicious code, business logic verification, API security, and configuration. Understand the importance of generally accepted security practices and find out how to contribute to this essential security standard.
Syllabus
Intro
Andrew van der Stock
What is the ASVS?
Who is involved?
What's new
Modern web applications
What's changed
is the new minimum
PCI DSS 6.5.x
What's gone
V1 Architecture
Authentication
Session Management
Access Control
Stored Cryptography
Error handling
Data Protection
Communications Security
Malicious Code
Business Logic Verification
Files and Resources
API Security
Configuration
Generally Accepted Security Practices
How to get involved
Taught by
nullcon
Related Courses
MongoDB for .NET DevelopersMongoDB University Web Application Development – Capstone Course
University of New Mexico via Coursera Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera