Secure Coding with OWASP in Django 4
Focused View
Sangeeta Singh
3:07:06
66 View
1. Course Overview.mp4
01:47
1. Course Introduction.mp4
04:30
2. OWASP ASVS - Introduction.mp4
03:06
3. Architecture, Design, and Threat Modeling.mp4
06:42
1. Authentication.mp4
04:04
2. Demo - Setup User Authentication.mp4
05:26
3. Demo - Good Password Practices.mp4
02:53
4. Demo - Two-factor Authentication.mp4
02:59
5. Demo - Password Reset.mp4
01:47
6. Demo - Protect Against Automation Attacks.mp4
03:26
1. Secure Sessions in Django.mp4
05:27
2. Cookie-based Session Management.mp4
03:56
3. Session Lifecycle.mp4
03:25
4. Step-up Authentication.mp4
05:04
5. Summary.mp4
00:55
1. Introduction to Access Control.mp4
03:12
2. Role-based Access Control.mp4
03:01
3. Access Control with Groups.mp4
02:16
4. How Does CSRF Attack Work.mp4
01:43
5. Anti-CSRF Mechanism in Django.mp4
01:35
6. Summary.mp4
00:54
1. Introduction to Input Validation.mp4
04:25
2. Validation and Sanitization of Form Data.mp4
05:12
3. Protecting from SQL Injection Attacks.mp4
03:52
4. Protecting from OS Injection Attacks.mp4
03:56
5. Insecure Deserialization of Data.mp4
02:01
1. Protecting Sensitive Data Using Django.mp4
04:31
2. Demo - Encrypt Sensitive Data in Cookies.mp4
02:31
3. Demo - Encrypt Sensitive Data in Database.mp4
01:46
4. Demo - Cleanup Data from the Browser.mp4
02:51
5. Demo - Users Privacy and Consent Workflow.mp4
02:36
6. Demo - Sending Data in GET vs POST Requests.mp4
02:07
7. Demo - Enforce Secure Protocols for Data in Transit.mp4
03:07
8. Summary.mp4
00:46
1. Introduction to Error Handling and Logging.mp4
03:33
2. How to Prevent Logging Sensitive Information.mp4
03:11
3. Obfuscating Sensitive Information.mp4
02:59
4. Logging Security Incidents.mp4
01:57
5. Error Handling Without Leaking Critical Information.mp4
01:57
6. Summary.mp4
00:51
01. Impact of Malicious Code on an App.mp4
04:21
02. Verify Dependency Packages.mp4
03:21
03. Detect Outdated and Vulnerable Packages.mp4
02:03
04. Generate SRI Hashes for JS Dependencies.mp4
02:59
05. Hardening Configuration in Production.mp4
01:30
06. Disable Debug Features in Production.mp4
02:17
07. Block Sensitive Information from Headers.mp4
02:01
08. Set Appropriate Security Headers.mp4
02:48
09. Validate HTTP Requests.mp4
01:43
10. Summary.mp4
01:07
1. Vulnerabilities in Business Logic.mp4
02:34
2. Adhere to Business Logic Flows.mp4
04:03
3. Rate Limiting on Business Actions.mp4
02:45
4. Summary.mp4
00:46
1. How Can Untrusted Files Prove Harmful.mp4
03:40
2. Limit the Size of File Being Uploaded.mp4
02:28
3. Validate Filename and Scan for Virus.mp4
02:53
4. Store Files Securely.mp4
03:49
5. What Is a SSRF Attack.mp4
01:35
6. Prevent SSRF Attacks.mp4
02:40
7. Summary.mp4
00:52
1. API and Web Services.mp4
03:32
2. Demo - Securing APIS.mp4
05:00
3. Demo - Validate JSON Schema.mp4
02:11
4. Summary.mp4
01:51
Description
This course will teach you how to use and implement the OWASP ASVS standards to write code that’s secure against malicious attacks.
What You'll Learn?
Django provides a great number of functionalities that can help you keep the application and its data safe and secure. In this course, Secure Coding with OWASP in Django 4, you’ll learn to write a secure application in Django that keeps the sensitive data safe and is resilient to attacks. First, you’ll explore how to properly handle authentication of users and authorization to resources. Next, you’ll discover how to sanitize and manage user input and output over TLS. Finally, you’ll learn how to harden your app by doing all the right configurations and checks to protect it from malicious code. When you’re finished with this course, you’ll have the skills and knowledge of Django and OWASP ASVS principles needed to develop an application that ensures the privacy of the users and keeps their data away from harm.
More details
User Reviews
Rating
average 0
Focused display
Sangeeta Singh
Instructor's CoursesSangeeta is a senior backend engineer with over 8 years of experience in developing highly scalable software, some of which are used by millions of users and many of the fortune 500 companies. She has worked with all sort of technology and softwares, ranging from systems programming for mission critical softwares at the RnD division of HPE, to predictive network analysis for a network at Packet Design, then leading development of critical components of Cloud backup softwares at Druva and now delivering critical integration with telecom companies in order to effectively collect and map data that can be used for targeted advertisement. Nowaday, her curiosity lies in data engineering, learning to work with huge datasets and making sense of it to create fruitful results. She derives great pleasure in building software that is intuitive, easily scalable, and maintainable. Other than that, Sangeeta is an avid traveller and enjoys taking long road trips to the remotest of places.
Pluralsight
View courses PluralsightPluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.
- language english
- Training sessions 65
- duration 3:07:06
- level advanced
- English subtitles has
- Release Date 2023/08/21
