Testing in Postman: Security Testing

Postman 10    |    Beginner
  • 15 videos | 2h 13m 20s
  • Includes Assessment
  • Earns a Badge
Application programming interface (API) security testing is the practice of identifying and addressing vulnerabilities in the API server. Authentication and authorization play a pivotal role in securing APIs, but vulnerabilities may still emerge due to complex systems, rapid development, and third-party components. In this course, you will learn the basic building blocks of implementing application security. You will examine the Open Web Application Security Project (OWASP) Top 10 lists of application and API security vulnerabilities, which research and document the most common security vulnerabilities for applications and provide guidance on how these issues can be mitigated. Then you will set up an API server with basic authentication for security and set up success-flow and failure-flow tests. Next, you will explore defense strategies against structured query language (SQL) injection errors and write tests to inject malicious SQL queries to run against the back-end database. Finally, you will discover how SQL best practices can help mitigate SQL injection attacks.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
  • Recall aspects of secure apps
  • Outline causes of security vulnerabilities
  • Provide an overview of API security
  • Outline A01 - A04 of the Open Web Application Security Project (OWASP) Top 10 application vulnerabilities
  • Outline A05 - A10 of the OWASP Top 10 application vulnerabilities
  • Outline the OWASP Top 10 API security issues
  • Set up a local server with basic authentication
  • Perform security tests for basic authentication
  • Create security tests for different types of requests
  • Catch authentication failures with security tests
  • Describe how structured query language (SQL) injection works
  • View how SQL injection attacks are executed
  • View the requests in the Postman security collection
  • Summarize the key concepts covered in this course

IN THIS COURSE

  • 2m 6s
    In this video, we will discover the key concepts covered in this course.
  • 11m 42s
    After completing this video, you will be able to recall aspects of secure apps.
  • 3.  Causes of Security Vulnerabilities
    6m 41s
    Upon completion of this video, you will be able to outline causes of security vulnerabilities.
  • 4.  Application Programming Interface (API) Security
    10m 24s
    After completing this video, you will be able to provide an overview of API security.
  • 5.  The OWASP Top 10 Vulnerabilities - Part I
    11m 48s
    Upon completion of this video, you will be able to outline A01 - A04 of the Open Web Application Security Project (OWASP) Top 10 application vulnerabilities.
  • 6.  The OWASP Top 10 Vulnerabilities - Part II
    12m 50s
    After completing this video, you will be able to outline A05 - A10 of the OWASP Top 10 application vulnerabilities.
  • 7.  OWASP API Security Top 10
    9m 22s
    Upon completion of this video, you will be able to outline the OWASP Top 10 API security issues.
  • 8.  Setting up a Locally Running Server with Basic Authentication
    7m 5s
    In this video, find out how to set up a local server with basic authentication.
  • 9.  Performing Security Tests for Basic Authentication
    10m 27s
    During this video, you will learn how to perform security tests for basic authentication.
  • 10.  Creating Security Tests for Basic Authentication
    7m 11s
    Discover how to create security tests for different types of requests.
  • 11.  Detecting Authentication Failures with Tests
    8m 32s
    In this video, you will learn how to catch authentication failures with security tests.
  • 12.  Testing APIs for SQL Injection
    12m 43s
    After completing this video, you will be able to describe how structured query language (SQL) injection works.
  • 13.  Demonstrating SQL Injecting with Raw Queries
    10m 9s
    During this video, you will see how SQL injection attacks are executed.
  • 14.  Using the Postman Security Collection Workspace
    9m 19s
    In this video, you will learn how to view the requests in the Postman security collection.
  • 15.  Course Summary
    3m
    In this video, we will summarize the key concepts covered in this course.

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.
