A10 and A9: API and Component Attacks

OWASP    |    Intermediate
  • 12 Videos | 49m 11s
  • Includes Assessment
  • Earns a Badge
Likes 51 Likes 51
OWASP Top 10 list items 10 and 9 are exploits of APIs and components of web applications.

WHAT YOU WILL LEARN

  • define what an underprotected API is
    describe how underprotected APIs can be exploited and what kind of access is needed to exploit it
    describe how easy it is to detect underprotected APIs and how common they are
    list the technical and business impacts of underprotected APIs
    provide examples of underprotected API attacks
    specify what a vulnerable component is
  • describe how vulnerable components can be exploited and what kind of access is needed to exploit them
    describe how easy it is to detect vulnerable components and how common they are
    list the technical and business impacts of vulnerable components
    provide examples of vulnerable component attacks
    purchase merchandise at an unauthorized discount
    describe what A10 and A9 are and how they affect web application security

IN THIS COURSE

  • Playable
    1. 
    A10 - Underprotected APIs
    7m 13s
    UP NEXT
  • Playable
    2. 
    A10 - Underprotected API Exploits
    3m 38s
  • Locked
    3. 
    A10 - Underprotected API Detection
    8m 17s
    FREE ACCESS
  • Locked
    4. 
    A10 - Unprotected API Impacts
    3m 48s
    FREE ACCESS
  • Locked
    5. 
    A10 - Unprotected API Examples
    3m 29s
    FREE ACCESS
  • Locked
    6. 
    A9 - Using Components with Known Vulnerabilities
    3m 21s
    FREE ACCESS
  • Locked
    7. 
    A9 - Vulnerable Component Exploits
    2m 12s
    FREE ACCESS
  • Locked
    8. 
    A9 - Vulnerable Component Detection
    4m 7s
    FREE ACCESS
  • Locked
    9. 
    A9 - Vulnerable Component Impacts
    4m 7s
    FREE ACCESS
  • Locked
    10. 
    A9 - Vulnerable Component Attacks
    4m 44s
    FREE ACCESS
  • Locked
    11. 
    A9 - Shopping Cart Component Flaw
    2m 16s
    FREE ACCESS
  • Locked
    12. 
    Exercise: A10 and A9 Security Risks
    2m
    FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

COURSE OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)
CHANNEL APIs
Likes 69 Likes 69  
COURSE A7 and A6: Leaky and Unprepared Applications
Likes 67 Likes 67  

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

COURSE Certified Secure Software Lifecycle Professional (CSSLP) 2019: Threat Modeling
Likes 109 Likes 109  
COURSE Certified Secure Software Lifecycle Professional (CSSLP) 2019: Core Concepts
Likes 318 Likes 318  
COURSE OWASP Overview
Likes 244 Likes 244