OWASP Top 10: A8 - Insecure Deserialization

OWASP 2021
  • 5 Videos | 21m 4s
  • Includes Assessment
  • Earns a Badge
Object-oriented programming (OOP) is common when writing scripts, as well as during software development. OOP treats items as objects that have properties and methods, as opposed to treating command output as a simple string. In this course, you'll learn about OOP along with some syntax examples. You'll explore how programming objects become serialized and deserialized and how this can present a security risk to web applications. Next, you'll examine how deserialization works in PowerShell, as well as how to execute a deserialization attack against an intentionally vulnerable web application. Lastly, you'll learn how to prevent deserialization attacks from succeeding.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
  • describe how the concept of objects, methods, and properties applies to scripting and software development
  • identify how deserialization attacks occur
  • recognize how to deploy security controls to mitigate deserialization attacks
  • summarize the key concepts covered in this course

IN THIS COURSE

  • 1. Course Overview (1m 40s)
  • 2. Object-oriented Programming (5m 48s)
  • 3. Insecure Deserialization Attacks (7m 57s)
  • 4. Mitigating Insecure Deserialization Attacks (4m 43s)
  • 5. Course Summary (56s)

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.