OWASP Top 10 for JavaScript Developers
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the OWASP Top 10 vulnerabilities specifically tailored for JavaScript developers in this informative conference talk from OWASP Global AppSec Tel Aviv. Delve into both client-side and server-side JavaScript security issues, focusing on modern frameworks like Angular, React, Vue, and Node.js. Learn about injection attacks, broken authentication, access control problems, and cross-site scripting (XSS) vulnerabilities. Discover practical prevention techniques, including Content Security Policy (CSP) implementation and secure configuration practices for Node.js. Gain valuable insights from Lewis Ardern, a Senior Security Consultant at Synopsys, as he bridges the gap between traditional OWASP documentation and the evolving JavaScript ecosystem.
Syllabus
Introduction
One Injection
MongoDB Example
Prevent Mongo Injection
Relational Databases
Info Prevention
Broken Authentication
Authentication
XML
Brokering Access Control
Nodejs Configuration
Execution context
DOM XSS
Framework XSS
ElementRef
Prevention
CSP
Mitigation Techniques
Taught by
OWASP Foundation
Related Courses
Fixing XSS with Content Security PolicyLASCON via YouTube Don't Trust the DOM - Bypassing XSS Mitigations via Script Gadgets
OWASP Foundation via YouTube Breaking Microsoft Edge Extensions Security Policies
media.ccc.de via YouTube Dissecting CSRF Attacks & Countermeasures
Black Hat via YouTube Browser Security and HTTP Headers - Attacks and Protections in Action
Devoxx via YouTube