Leveraging OWASP in Open Source Projects
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore how the CAS AppSec Working Group leverages OWASP resources to enhance security in open source projects during this 45-minute conference talk. Learn about improving security, providing security artifacts for potential adopters, and implementing policies for vulnerability analysis and notification in the context of Jasig CAS, an open source WebSSO project. Gain insights into addressing OWASP A9 "Using Components with Known Vulnerabilities / Secure Coding" and discover a model that other open source projects can adopt. Delve into topics such as CAVS security, threat libraries, information disclosure attacks, data flow diagrams, and the STRIDE methodology for security analysis.
Syllabus
Introduction
Who is this for
Open Source is Secure
CAVS
CAVS Security
COS Apps Tech
Apps Tech Goals
Working Apps
Security
Open Source
Base of Security
Moodle
Top 10
Top 9
Our Experience
Threat Libraries
Information Disclosure Attack
Remediation
Results
Challenges
Volunteering
Data Flow Diagrams
Why Stride
Strike Character Categorization
Taught by
OWASP Foundation
Related Courses
Information Security Management (Higher School of Economics via Coursera)
Planning a Security Incident Response (Microsoft via edX)
Identifying Security Vulnerabilities (University of California, Davis via Coursera)
Secure Coding Practices (University of California, Davis via Coursera)
Atlas Security (MongoDB University)