• Online, Self-Paced
Course Description

Cross-Site Request Forgery (CSRF) occurs when a web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-352 by the 2020 CWE Top 25.

Learning Objectives


On successful completion of this course, learners should have the knowledge and skills to:

  • Identify Cross-Site Request Forgery vulnerabilities
  • Recognize the potential impact of this vulnerability
  • Apply coding best practices to avoid it
  • Find Cross-Site Request Forgery vulnerabilities in your application's source code
  • Test your application to detect it

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):