Modern Web Application Defense with OWASP Tools
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore modern web application defense techniques using OWASP tools in this 40-minute conference talk from AppSecUSA 2014. Dive into common vulnerabilities like Cross-Site Scripting (XSS), Session Hijacking, and Clickjacking, and learn how to mitigate them effectively. Witness live demonstrations of OWASP projects and tools in action, and discover proactive strategies to prevent attacks and protect applications. Gain insights into Contextual Output Encoding, Content Security Policy, Strict-Transport-Security, and Cross-Site Request Forgery (CSRF) defenses. Participate in an interactive session designed for developers and architects to enhance their understanding of practical security solutions and risk mitigation techniques.
Syllabus
Cross-Site Scripting (XSS)
Contextual Output Encoding
Content Security Policy
CSP Requirements
CSP Directives
CSP Examples
Strict-Transport-Security
X-Frame-Options
Using Secure Headers
Cross-Site Request Forgery (CSRF)
OWASP 1-Liner
Normal JSON Message
CSRF Attack Form
Forged JSON Message
CSRF Defense
CSRFGuard JSP Tags
CSRFGuard DOM Manipulation
Taught by
OWASP Foundation
Related Courses
Don's Introduction to Ethical Hacking for BeginnersUdemy Complete Cyber Security Course: Go From Zero To Hero
Udemy Performing Incident Response and Handling
Pluralsight Ethical Hacking: Session Hijacking
LinkedIn Learning Learn SQL +Security(pen) testing from Scratch
Udemy