Secure Coding: Preventing Sensitive Data Exposure

Focused View

Timothy Ghanim

1:23:39

24 View

00. Course Overview

00. Course Overview.mp4

01:33

01. Defining OWASP Top 10 Sensitive Data Exposure

00. Introduction to Sensitive Data.mp4

06:43

01. Attack Surface Analysis.mp4

04:49

02. Real-world Examples.mp4

02:46

02. Attacking the Web Application

00. Overview.mp4

02:56

01. Data In-transit Attack Context.mp4

04:21

02. Demo - Attack on Plain HTTP In-transit.mp4

05:13

03. Transport Layer Security (TLS).mp4

05:23

04. Demo - Using HTTPS.mp4

02:30

05. New Attack Vector.mp4

02:26

06. Discussion.mp4

03:14

07. Perfect Forward Secrecy.mp4

02:48

08. OWASP Recommendations.mp4

03:26

09. Summary.mp4

01:21

03. Attacking the Web Browser

00. Overview.mp4

01:25

01. X.509 Certificates.mp4

03:21

02. Demo - Web Client X.509 Certificate Validation.mp4

01:57

03. OWASP Recommendations.mp4

03:05

04. Protocol Downgrading Attack Context.mp4

01:56

05. Demo - Protocol Downgrading.mp4

02:08

06. Discussion - HSTS.mp4

02:44

07. Summary.mp4

01:14

04. Attacking Data at Rest

00. Overview.mp4

00:50

01. Password Management.mp4

05:03

02. Demo - Password Cracking.mp4

01:08

03. Salted Hashes.mp4

05:00

04. Cryptography Alone Is Not Enough.mp4

04:19

Description

In this course, you will look from an attack-driven perspective at several OWASP recommendations for preventing sensitive data exposure when developing a web application.

What You'll Learn?

Would you like the ability to recognize what is needed to make a web application properly manage sensitive data and prevent it from unintended exposure? This course, Secure Coding: Preventing Sensitive Data Exposure, will show you the knowledge that is based on the recommendations set by the Open Web Application Security Project (or OWASP in short). First, you will learn how to think of sensitive data and what constitutes sensitive data. Next, you will discover TLS; the protocol to protect sensitive data transmitted between a web browser and web application and the different facilities it provides to enable this protection. Finally, you will explore how to properly manage user passwords stored in a database. When you’re finished with this course, you will have the knowledge of preventing sensitive data exposure needed to effectively and efficiently apply them in your own Web applications.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Computer Network

Network Engineering

Timothy Ghanim

Instructor's Courses

Timothy is a software developer who's been around for some time now. He started playing with code at an early age and has picked up alot of expertise in many areas of software development on different platforms using many programming languages. He also is very well familiar with many associated technologies and development stacks and has run through the software development lifecycle many times so far. In the past decade, Timothy's focus was on software security, specifically on writing secure code and working with security technologies.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.