Learning the OWASP Top 10

Focused View

Caroline Wong

35:56

218 View

1. Introduction

01. A first look at the 2021 OWASP Top Ten.mp4

01:24

2. New to the Top Ten

02. Broken access control.mp4

04:37

03. Cryptographic failures.mp4

03:00

04. Injection.mp4

04:19

05. Insecure design.mp4

02:58

06. Security misconfiguration.mp4

03:24

07. Vulnerable and outdated components.mp4

03:02

08. Identification and authentication failures.mp4

03:17

09. Software and data integrity failures.mp4

03:35

010. Security logging and monitoring failures.mp4

03:17

011. Server-side request forgery (SSRF).mp4

01:43

3. Conclusion

012. Where to go from here with the 2021 OWASP Top Ten.mp4

01:20

Description

No organization—no matter how large or small—is invulnerable to security breaches. What makes all of these systems, and the software that runs them, susceptible to attack? The Open Web Application Security Project (OWASP) was formed to provide the public with the resources to understand key risks and improve software security. And every few years, they publish a list of the ten biggest application security vulnerabilities. In this course, application security expert Caroline Wong provides an overview of the 2021 OWASP Top 10, presenting information about each vulnerability category, its prevalence, and its impact. Though aimed at IT security professionals and developers, anyone who uses web applications will benefit from an understanding of these risks.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Software Engineering

Software Development

Caroline Wong

Instructor's Courses

I am a strategic leader with strong communications skills, cybersecurity knowledge, and deep experience delivering global programs. My practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. I authored the popular textbook Security Metrics: A Beginner's Guide. My writing is also featured in Epic Failures in DevSecOps Vol. 1, CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers, Cybersecurity Career Guide: Who Works in Cybersecurity, How We Got Started, Why We Need You, and IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data. I host the Humans of InfoSec Podcast: https://soundcloud.com/humans-of-infosec Speaking engagements include: • Global AppSec DC (2019) • RSA USA (2019, 2018, 2017, 2014, 2013, 2011, 2010) • Developer Week (2019, 2018) • Source Phoenix-Mesa (2018) • SnowFROC (2018) • IoT Tech Expo NA (2017) • DevOps Enterprise Summit (2017) • DevSecCon Boston (2017) • BSidesLV (2017) • OWASP AppSec Cali (2018, 2017, 2016) • O'Reilly Security NY (2016) • CIO Asia (2012) • Metricon 7.0 (2012) • Security Development Conference (2012) • ISC2 Security Congress (2011) • ITWeb Security Summit (2011) • RSA Europe (2010)

Linkedin Learning

View courses Linkedin Learning

LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.