OWASP Top 10: What's New

Focused View

Gavin Johnson-Lynn

1:18:25

6 View

01. Course Overview

01. Course Overview.mp4

01:44

02. Changes to the Top 10

02. Data Sources for the Top 10.mp4

02:09

03. Understanding Category Metrics.mp4

07:33

04. The New Top 10 - Categories 1-5.mp4

05:21

05. The New Top 10 - Categories 6-10.mp4

05:06

06. Beyond the Top 10.mp4

04:12

03. New Categories in the Top 10

07. Understanding Insecure Design.mp4

05:24

08. Defenses for Insecure Design.mp4

01:37

09. Software and Data Integrity Failures.mp4

06:38

10. Defenses for Software and Data Integrity Failures.mp4

01:47

11. Understanding Server-side Request Forgery.mp4

04:29

12. Server-side Request Forgery Demo.mp4

03:25

13. Defenses for Server-side Request Forgery.mp4

03:44

04. The Effect on Security Roles

14. Security Architecture and Engineering.mp4

05:47

15. Risk Management.mp4

02:31

16. Compliance.mp4

04:18

17. Defense.mp4

05:16

18. Penetration Tetsing.mp4

03:24

19. Red Teaming.mp4

04:00

Description

The OWASP Top 10 is a respected guide to critical risks in web applications. The newest release brings fresh categories and consolidates old ones. This course explores the changes and gives guidance on how this affects various security roles.

What You'll Learn?

Web application security is constantly evolving as attackers find new vulnerabilities and refine their methods of attacking old ones. Keeping up to date on common vulnerabilities can be challenging and so the OWASP Top 10 brings together the information you need to protect your web applications. In this course, OWASP Top 10: What’s New, you’ll learn about the most important categories of vulnerability that should demand your attention. First you’ll explore all of the categories that are presented in the newest OWASP top 10. Next you’ll discover more detail about the newest of the vulnerabilities on the list. Finally, you’ll learn how the changes to the OWASP top 10 affect the various roles within the security industry. When you’re finished with this course, you’ll have the knowledge and skills you need to see the changing threats to web applications and how they can impact on different areas of security.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Penetration Testing

Network Security

Gavin Johnson-Lynn

Instructor's Courses

Gavin has 20 years’ experience writing software in regulated environments and for global organisations. The last five years of his development career were spent with a focus on security, becoming the security lead for a significant payments project at a FTSE 100 company. He has experience with languages from COBOL to .Net and now often finds those skills useful when developing with Python. Gavin's experience of software security revealed a passion for security, leading him to become a speaker and blogger on the subject. Gavin holds the Certified Secure Software Lifecycle Professional (CSSLP) and Scrum Master certifications and is currently part of an offensive security team, using his defensive knowledge to aid offensive security work.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.