OWASP Top 10: A04:2021-Insecure Design

OWASP 2022 | Intermediate

8 Videos | 38m 22s
Includes Assessment
Earns a Badge

Today's web applications combine software code and resultant data, with the trustworthiness of both resulting in a secure trusted application. There are many planning strategies and tools that can ensure software and data integrity. In this course, explore IT supply chain security, how to deploy Linux updates, and how to configure a Windows Server Update Services (WSUS) host. Next, examine object-oriented programming (OOP) and how it is related to insecure deserialization attacks. Finally, learn how to use the OWASP Dependency-Check tool to verify that publicly disclosed vulnerabilities are not present in a project's dependencies. Upon completion, you'll be able to ensure that the design of a web application includes business requirements and related security controls.

WHAT YOU WILL LEARN

discover the key concepts covered in this course

outline how confidentiality, integrity, and availability (CIA) apply to web app development

state how security applies to each phase of the software development life cycle (SDLC)

identify detailed security controls listed in the Cloud Controls Matrix (CCM)
name various types of software testing

configure web application deployment slots in the Microsoft Azure cloud

list the benefits of using a secure API when writing web app code

summarize the key concepts covered in this course

IN THIS COURSE

1.

Course Overview

1m 6s

UP NEXT
2.

The CIA Security Triad

6m 42s
3.

Software Development Life Cycle Security Controls

8m 6s

FREE ACCESS
4.

Security Controls in the Cloud Controls Matrix (CCM)

4m 32s

FREE ACCESS
5.

Software Testing Types

5m 53s

FREE ACCESS
6.

Configuring Web Application Deployment Slots

5m 51s

FREE ACCESS
7.

The OWASP Enterprise Security API (ESAPI)

5m 24s

FREE ACCESS
8.

Course Summary

50s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

COURSE OWASP Top 10: A06:2021-Vulnerable & Outdated Components

COURSE OWASP Top 10: A07:2021-Identification & Authentication Failures

COURSE OWASP Top 10: A01:2021-Broken Access Control

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Content items for Compliance and Leadership are not included in this subscription.

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

OWASP Top 10: A04:2021-Insecure Design

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE