YoVDO

OWASP Top 10 for JavaScript Developers

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses Javascript Courses MongoDB Courses Relational Databases Courses Cross-Site Scripting (XSS) Courses Web Security Courses Access Control Courses Injection Vulnerabilities Courses Broken Authentication Courses Content Security Policy (CSP) Courses

Course Description

Overview

Explore the OWASP Top 10 vulnerabilities specifically tailored for JavaScript developers in this informative conference talk from OWASP Global AppSec Tel Aviv. Delve into both client-side and server-side JavaScript security issues, focusing on modern frameworks like Angular, React, Vue, and Node.js. Learn about injection attacks, broken authentication, access control problems, and cross-site scripting (XSS) vulnerabilities. Discover practical prevention techniques, including Content Security Policy (CSP) implementation and secure configuration practices for Node.js. Gain valuable insights from Lewis Ardern, a Senior Security Consultant at Synopsys, as he bridges the gap between traditional OWASP documentation and the evolving JavaScript ecosystem.

Syllabus

Introduction
One Injection
MongoDB Example
Prevent Mongo Injection
Relational Databases
Info Prevention
Broken Authentication
Authentication
XML
Brokering Access Control
Nodejs Configuration
Execution context
DOM XSS
Framework XSS
ElementRef
Prevention
CSP
Mitigation Techniques


Taught by

OWASP Foundation

Related Courses

Cybersecurity and Its Ten Domains
University System of Georgia via Coursera Bases de données relationnelles : Comprendre pour maîtriser
Inria (French Institute for Research in Computer Science and Automation) via France Université Numerique Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera Computing, Storage and Security with Google Cloud Platform
Google via Coursera