OWASP Top 10
OWASP Top 10 Overview
This course is designed to teach you about the 2021 version of the OWASP Top 10 Web Application Vulnerabilities. The OWASP Top 10 is a list of the most critical security risks to web applications, and it is widely used by organizations to improve their web application security.
This course will cover each of the OWASP Top 10 vulnerabilities in detail, including:
- What the vulnerability is
- Explanations of how it could be exploited
- Real-world examples of how the vulnerability has been exploited
- Possible detections and fixes of the vulnerability
The course will also include demonstrations of each vulnerability so that you can see how they work in practice. Additionally, the course will explore possible fixes and/or mitigations for each vulnerability.
By the end of this course, you will have a good understanding of the OWASP Top 10 Web Application Vulnerabilities and how to protect your web applications from them.
0h 4m
Hey there everyone and
welcome to our OWASP Top
Series for 2021. We're glad to
have you, like give you a
little overview of what this
series is going to be about,
what you can expect, who the
heck we are and a little bit of
that action. Let's start off
with who are we? Well, I'll be
your host for this series.
My name is Daniel Lowry.
I'm
a subject matter expert in
cyber security for ACI
Learning. I also am going to be
hosting. I'm going to be trying
to driving this show. I have
credentials in cyber
security such as PenTest+
and CySA+ from CompTIA.
I also have a first responder
certification and various other
industry certifications and
experiences around cyber
security. So I'll be lending
some of my expertise to this as
well, but also joining us will
be our actual subject matter
for this episode or this
series, which is Justin
Denison. Hi, Justin Denison
here. I've got,
so approaching, sometimes I
forget how long it is. It's
been around 10 years of various
development experiences.
I have certifications in
various cloud technologies,
AWS, some Cisco things. I've
worked in not only application
development, but also working
with security teams to do
pseudo-pen tests. Being like
back and forth, I've helped
them evaluate applications and
designed and architected
various cloud systems that
security was the number one
paramount decision.
I'll be showing you how to
think about it from a developer
mindset with a security first
attitude. Awesome. So Justin,
when it comes to this course,
the good folks out there,
they probably want to know
what's in it for me. What is
this course about? What am I
going to get? What's the big
takeaway? So the big takeaway
is being able to identify some
of these things that maybe you
don't know are actually issues.
And then providing you with
methodologies to go, all right,
I don't want that to happen
again. I want to make
my web applications, my
computer applications, whatever
I'm developing, I want them to
be as secure as can be. Because
I can confirm, one of the
better feelings I've had as a
developer is when I've been pen
tested and then the security
team praised me. They're like,
you know, all these things you
had one, you're not going to be
perfect. But then there in our
discussion, they're like, it's
so refreshing to have a
developer that thinks about
these things first. And it just
makes everybody's life a little
easier. So that's what you're
going to get out of it. A way
of thinking about these as you
approach new development
projects. Awesome. So the next
question is going to be,
what are the core schools like
if
I'm starting this from
finished, I kind of wanted to
give an outline of what's going
to happen. What's the structure
of this course? Could you kind
of give us a elevator pitch of
what's going to happen in this?
All right, here I go.
I'm going to give you the pitch
for every one of the top 10
chunks. We're going to go a
three episode arc. We're going
to do an exploit episode,
a fix episode, and then a
verification episode to kind of
put it all together. What went
wrong? How do we fix it if it
does go wrong? And then
we're making sure that we
actually fixed it and how to
think about preventing it in
the future. For each one of
those, you will get that in
spades.
Well, Justin, I'm really
looking forward to this.
I love security. Justin and I
have worked for a while
together and we have a lot of
fun making these types of
series for you good folks out
there. And I really enjoy
working with Justin and talking
security and just giving that
information out there to
anybody that's wanting to
listen and increase their own
security. Justin, why are you
excited about this course?
I'm excited because I see so
many of these things
that people just getting
started or I also have some
personal vested interests.
Like I've had loved ones get
compromised or,
hey, I'm using this insecure
thing or I'm not doing these
practices. And by drawing
awareness to this, I'm hoping
to make
security and developers work
better together, but also just
really up everyone's game and
make the world--this is a
little cliche-- but make it a
little safer out there. Hey,
nothing wrong with that, right?
We all want a little bit better
security out there. And
hopefully by the end of this
series, you will have an
understanding of the OWASP Top
10 in a way that you will be
able to implement in a
practical and pragmatic way and
increase your security for your
web applications. That sounds
like something that interests
you. Well, we look forward to
seeing you in the upcoming
episodes.
Learning Style
On Demand
Length of course
7h 53m
31 Episodes
Here are the topics we'll cover
- Course Overview
- Broken Access Control
- Cryptographic Failures
- Injection
- Insecure Design
- Security Misconfiguration
- Vulnerable and Outdated Components
- Identification and Authentication Failures
- Software and Data Integrity Failures
- Security Logging and Monitoring Failures
- Server-Side Request Forgery