OWASP: Top 10 Items A9, A8, & A7

OWASP | Intermediate

11 videos | 37m 51s
Includes Assessment
Earns a Badge

In this 11-video course, learners will discover security aspects focusing on OWASP Top 10 2017 Item A9: Using Components with Known Vulnerabilities; Item A8: Insecure Deserialization; and Item A7: Cross-Site Scripting (XSS). Key concepts covered in this course include details about OWASP Top 10 2017 Item A9, dealing with known vulnerabilities, and examining different types of common vulnerabilities; and details about OWASP Top 10 2017 Item A8, which involves insecure deserialization and transmission of objects between network hosts programmatically, or storage of an object in a file, such as storing something in a web browser cookie. Next, learn how insecure deserialization can be mitigated by treating it as user input; learn how to secure traffic by encrypting it with IPSec to protect serialized data; and learn details about OWASP Top 10 2017 Item A7 relating to XSS and how XSS can be mitigated. Finally, you will learn to perform a fuzz test by using OWASP ZAP; and how to identify insecure components, serialization, and XSS.

WHAT YOU WILL LEARN

describe OWASP Top 10 2017 item A9 dealing with known vulnerabilities

review different types of vulnerabilities

purchase merchandise at an unauthorized discount

describe OWASP Top 10 2017 item A8 which involves insecure deserialization

recognize how insecure deserialization can be mitigated by treating it as user input
secure traffic by encrypting it with IPSec to protect serialized data

describe OWASP Top 10 2017 item A7 relating to cross-site scripting (XSS)

recognize how cross-site scripting can be mitigated

perform a fuzz test using OWASP ZAP

identify insecure components, serialization, and XSS

IN THIS COURSE

1m 42s

FREE ACCESS
4m 20s

FREE ACCESS
3. Mitigating Known Component Vulnerabilities

3m 45s

FREE ACCESS
4. Protecting Sensitive Data at Rest

2m 19s

FREE ACCESS
5. A8 - Insecure Deserialization

3m 19s

FREE ACCESS
6. Mitigating Insecure Deserialization

2m 49s

FREE ACCESS
7. IPSec Encapsulating Security Payload

4m 24s

FREE ACCESS
8. A7 - Cross-Site Scripting (XSS)

4m 21s

FREE ACCESS
9. Mitigating Cross-Site Scripting

3m 36s

FREE ACCESS
10. Mitigating Injections

4m 39s

FREE ACCESS
11. Exercise: Harden Web App Components and Inputs

2m 37s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course OWASP Top 10: A05:2021-Security Misconfiguration

Course AWS DevOps Engineer Professional 2021: CodeBuild

Course AWS SysOps Associate 2021: Cryptography

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Introduction to Secure Programming

Course OWASP: Top 10 Items A6, A5, & A4

Course OWASP Overview

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

OWASP: Top 10 Items A9, A8, & A7

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE