YoVDO

Preventing Security Bugs through Software Design

Offered By: OWASP Foundation via YouTube

Tags

Software Security Courses, Application Security Courses, API Design Courses, Secure Coding Courses, SQL Injection Prevention Courses

Course Description

Overview

Explore a conference talk from AppSec California 2016 that delves into preventing security bugs through software design. Learn how to shift the burden of security from developers to API designers by creating constrained yet expressive APIs that make it nearly impossible to write vulnerable code. Discover designs for injection-proof SQL query APIs and XSS-proof HTML rendering APIs, combined with machine-checked coding guidelines. Gain insights from Google's successful implementation of these approaches, which have significantly reduced security vulnerabilities in their flagship projects. Understand the limitations of traditional security measures and the potential of innovative API design in addressing common application-level security defects like SQL Injection and Cross-Site Scripting.

Syllabus

Intro
Injection
Cross-site scripting
Ad hoc concatenation
Safe templates
Practical application
API design
Type contract
Practicality
Exceptions
Type errors
Reviewability
Questions


Taught by

OWASP Foundation

Related Courses

MongoDB for .NET Developers
MongoDB University
Web Application Development – Capstone Course
University of New Mexico via Coursera
Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent
Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera
Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera