OWASP Top 10: A08:2021-Software & Data Integrity Failures

OWASP 2022    |    Intermediate
  • 12 Videos | 1h 6m 11s
  • Includes Assessment
  • Earns a Badge
Today's web applications combine software code and resultant data, with the trustworthiness of both resulting in a secure and trusted application. There are many planning strategies and tools that can ensure software and data integrity. In this course, learn about IT supply chain security, deploying Linux updates, and configuring a Windows Server Update Services (WSUS) host. Next, explore object-oriented programming (OOP) and how it is related to insecure deserialization attacks. Finally, practice ensuring file integrity using file hashing in Windows and Linux and using the OWASP Dependency-Check tool to verify that publicly disclosed vulnerabilities are not present in a project's dependencies. Upon completion, you'll be able to ensure the integrity of software code, dependencies, and resultant data.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    outline how signed hardware firmware updates and software code pipelines play a role in web app security
    deploy Linux updates
    configure and deploy a Windows Server Update Services (WSUS) server
    identify how the concept of objects, methods, and properties applies to scripting and software development
    identify how deserialization attacks occur
  • recognize how to deploy security controls to mitigate deserialization attacks
    digitally sign a Microsoft PowerShell script
    hash files using Windows commands
    hash files using Linux commands
    verify that publicly disclosed vulnerabilities are not present within a project's dependencies
    summarize the key concepts covered in this course

IN THIS COURSE

  • Playable
    1. 
    Course Overview
    47s
    UP NEXT
  • Playable
    2. 
    IT Supply Chain Security
    6m 44s
  • Locked
    3. 
    Deploying Linux Updates from Trusted Repositories
    4m 57s
  • Locked
    4. 
    Configuring Windows Server Update Services (WSUS)
    6m 48s
  • Locked
    5. 
    Object-oriented Programming (OOP)
    6m 45s
  • Locked
    6. 
    Insecure Deserialization Attacks
    6m 34s
  • Locked
    7. 
    Mitigating Insecure Deserialization Attacks
    6m
  • Locked
    8. 
    Digitally Signing PowerShell Scripts
    8m 29s
  • Locked
    9. 
    Hashing Files in Windows
    5m 28s
  • Locked
    10. 
    Hashing Files in Linux
    7m 22s
  • Locked
    11. 
    Using the OWASP Dependency-check Tool
    5m 17s
  • Locked
    12. 
    Course Summary
    1m 1s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.