A7 and A6: Leaky and Unprepared Applications

OWASP    |    Intermediate
  • 18 videos | 1h 1m 7s
  • Includes Assessment
  • Earns a Badge
OWASP Top 10 list items 7 and 6 involve applications that expose sensitive data and are not protected from modern attacks.

WHAT YOU WILL LEARN

  • Describe what insufficient attack protection is
    Exploit insufficient attack protection and what kind of access is needed to exploit it
    Use nmap to scan a network
    Detect insufficient attack protection and note how common it is
    Use online web app scanners
    Describe the client/server http exchange
    Analyze linux log rotation files for a linux web server
    List the technical and business impacts of insufficient attack protection
    Discuss attacks that take advantage of insufficient attack protection
  • Describe what sensitive data exposure is
    Analyze sensitive network traffic in linux
    Describe how sensitive data exposure can be exploited
    Review how sensitive data exposure can be exploited and what kind of access is needed to exploit it
    Describe how easy it is to detect sensitive data exposure and how common it is
    List the technical and business impacts of sensitive data exposure
    Describe how various attacks can result in sensitive data exposure
    Provide examples of sensitive data exposure attacks
    Describe the impact of these exploits on the business and technical sides

IN THIS COURSE

  • 6m 33s
  • 3m 31s
  • Locked
    3.  A7 - Scan for Web Servers
    3m 11s
  • Locked
    4.  A7 - Insufficient Attack Protection Detection
    5m 50s
  • Locked
    5.  A7 - Scan a Web App for Vulnerabilities
    2m 19s
  • Locked
    6.  A7 - Analyze HTTP Traffic Using WireShark
    3m 56s
  • Locked
    7.  A7 - Analyzing Log Rotation Files
    2m 12s
  • Locked
    8.  A7 - Insufficient Attack Protection Impacts
    4m 32s
  • Locked
    9.  A7 - Insufficient Attack Protection Attacks
    4m 12s
  • Locked
    10.  A6 - Sensitive Data Exposure
    4m 15s
  • Locked
    11.  A6 - Analyzing Sensitive Network Traffic
    1m 26s
  • Locked
    12.  A6 - Sensitive Data Exposure Exploits Overview
    3m 12s
  • Locked
    13.  A6 - Sensitive Data Exposure Exploits
    3m 28s
  • Locked
    14.  A6 - Sensitive Data Exposure Detection
    2m
  • Locked
    15.  A6 - Sensitive Data Exposure Impacts
    1m 27s
  • Locked
    16.  A6 - Sensitive Data Exposure Attacks
    3m 40s
  • Locked
    17.  A6 - Demonstrating Sensitive Exposure Attacks
    2m 33s
  • Locked
    18.  Exercise: Describe the Impact of A7 and A6
    2m 51s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Journey Web App Vulnerability Analyst - 2022 Update
Course OWASP Top 10: A05:2021-Security Misconfiguration
Course A10 and A9: API and Component Attacks

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Defensive Java Fundamentals
Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Threat Modeling
Course A8 and A3: Cross-Site Attacks