Secure Programmer: Vulnerabilities
Intermediate
- 19 Videos | 1h 11m 37s
- Includes Assessment
- Earns a Badge
Explore various software vulnerability topics in this 19-video, which opens with a look at specific security vulnerabilities and how to program counter techniques. Then learners receive three tutorials on the OWASP (Open Web Application Security Project) Top 10 vulnerabilities: SQL injection, broken authentication, and cross-site scripting; broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection; and cross-site request forgery, using components with known vulnerabilities, and under protected application programming interfaces (APIs). Examine use of threat models including STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation), PASTA (the Process for Attack Simulation and Threat Analysis), DREAD (Damage, Reproductibility, Exploitability, Affected Users, Discoverability), and SQUARE (Security Quality Requirements Engineering). Use CVE (common vulnerabilities and exposures) vulnerability scoring, and examine Java, Python, C#, and Javascript SQL secure coding examples. Implement Python secure coding to combat SQL vulnerability; C# to combat common code vulnerabilities, and Javascript to combat Cross Site Scripting attacks. Use Common Vulnerability Scoring System (CVSS), and finally, use OWASP Zap and Vega vulnerability scanners to test websites for common vulnerabilities.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this coursedescribe specific security vulnerabilities and recognize how to program counter techniquesdescribe OWASP Top 10 vulnerabilities including SQL injection, broken authentication, and cross-site scriptingdescribe OWASP Top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protectiondescribe OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIsdescribe and use threat models including STRIDE, PASTA, DREAD, and SQUAREdescribe and use CVE vulnerability scoringimplement Java secure coding to combat Rhino Script vulnerabilityimplement Python secure coding to combat Remote Code Execution Vulnerabilityimplement C# secure coding to combat SQL Injection Vulnerability
-
implement JavaScript secure coding to combat SQL Injection Vulnerabilityimplement Java secure coding to combat SQL Injection Vulnerabilityimplement Python secure coding to combat a variety of security vulnerabilitiesimplement C# secure coding to combat common code vulnerabilitiesimplement JavaScript secure coding to combat Cross Site Scripting attacksuse CVSS scoring for vulnerabilitiesuse OWASP Zap vulnerability scanner to test web sites for common vulnerabilitiesuse Vega Vulnerability Scanner to test web sites for common vulnerabilitiessummarize the key concepts covered in this course
IN THIS COURSE
-
1.Course Overview1m 25sUP NEXT
-
2.Vulnerabilities and Counter Techniques3m 56s
-
3.OWASP Top 10 - Part A3m 40s
-
4.OWASP Top 10 - Part B7m 5s
-
5.OWASP Top 10 - Part C3m 57s
-
6.Threat Models5m 20s
-
7.Common Vulnerabilities and Exposures1m 59s
-
8.Java Rhino Script Vulnerability3m 49s
-
9.Python Remote Code Execution Vulnerability3m 38s
-
10.C# SQL Injection Vulnerability3m 27s
-
11.JavaScript SQL Injection Vulnerability4m 1s
-
12.Java SQL Injection Vulnerability3m
-
13.Python Common Vulnerabilities3m 55s
-
14.C# Common Vulnerabilities3m 39s
-
15.JavaScript Cross Site Scripting Attacks3m 39s
-
16.Using the Common Vulnerability Scoring System (CVSS)4m 53s
-
17.Using OWASP Zap Web Vulnerability Scanner4m 26s
-
18.Using Vega Web Vulnerability Scanner4m 16s
-
19.Course Summary1m 32s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform
Digital badges are yours to keep, forever.