A4 and A2: Broken Applications

OWASP | Intermediate

13 videos | 1h 6m 11s
Includes Assessment
Earns a Badge

(333)

From Channel:

OWASP

OWASP Top 10 list items 4 and 2 involve applications with broken access controls and broken authentication and session management.

WHAT YOU WILL LEARN

Explain what broken access control is

How broken access control can be exploited and what kind of access is needed to exploit it

How easy it is to detect broken access control and how common they are

The technical and business impacts of broken access control

Provide examples of broken access control attacks

Guess urls and parameters to gain access to web pages and data

Explain what broken authentication and session management is
How broken authentication and session management can be exploited and what kind of access is needed to exploit it

How easy it is to detect broken authentication and session management and how common they are

The technical and business impacts of broken authentication and session management

Provide examples of broken authentication and session management attacks

Retrieve sensitive data through password reset pages

What an attacker can access if they exploit a4 or a2

IN THIS COURSE

5m 36s

After completing this video, you will be able to explain what Broken Access Control is. FREE ACCESS
8m 9s

Find out how Broken Access Control can be exploited and what kind of access is needed to exploit it. FREE ACCESS
3. A4 - Broken Access Control Detection

5m 22s

In this video, find out how easy it is to detect Broken Access Control and how common they are. FREE ACCESS
4. A4 - Broken Access Control Impacts

4m 44s

In this video, you will learn about the technical and business impacts of Broken Access Control. FREE ACCESS
5. A4 - Broken Access Control Attacks

7m 33s

After completing this video, you will be able to provide examples of Broken Access Control attacks. FREE ACCESS
6. A4 - Use Forced Browsing to Access Data

2m 2s

During this video, you will learn how to guess URLs and parameters to gain access to web pages and data. FREE ACCESS
7. A2 - Broken Authentication and Session Management

4m 4s

After completing this video, you will be able to explain what Broken Authentication and Session Management is. FREE ACCESS
8. A2 - Session Management Exploits

5m 10s

Find out how Broken Authentication and Session Management can be exploited and what kind of access is needed to exploit it. FREE ACCESS
9. A2 - Session Management Vulnerability Detection

5m 47s

In this video, you will learn how easy it is to detect Broken Authentication and Session Management and how common they are. FREE ACCESS
10. A2 -Session Management Impacts

4m 7s

In this video, you will learn about the technical and business impacts of Broken Authentication and Session Management. FREE ACCESS
11. A2 - Session Management Attacks

5m 17s

After completing this video, you will be able to provide examples of Broken Authentication and Session Management attacks. FREE ACCESS
12. A2 - Exploit Password Reset Pages

2m 42s

Find out how to retrieve sensitive data through password reset pages. FREE ACCESS
13. Exercise: What Can An Attacker Do With A4 and A2

5m 38s

In this video, you will see what an attacker can access if they exploit A4 or A2. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course Microsoft Azure Security Technologies Bootcamp: Session 1 Replay

(45)

Course AWS Certified Solutions Architect Associate Bootcamp: Session 3 Replay

(39)

Course AWS Certified Developer Bootcamp: Session 4 Replay

(21)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course A5 and A1: Security and Injection

(334)

Course CISSP: Risk Management

(436)

Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Design Principles

(356)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

A4 and A2: Broken Applications

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE