Course Description
Discover security aspects focusing on OWASP Top 10 - 2017 item A9: Using Components with Known Vulnerabilities, item A8: Insecure Deserialization, and item A7: Cross-Site Scripting (XSS).
Learning Objectives
OWASP: Top 10 Items A9, A8, & A7
- describe OWASP Top 10 2017 item A9 dealing with known vulnerabilities
- review different types of vulnerabilities
- purchase merchandise at an unauthorized discount
- describe OWASP Top 10 2017 item A8, which involves insecure deserialization
- recognize how insecure deserialization can be mitigated by treating it as user input
- secure traffic by encrypting it with IPsec to protect serialized data
- describe OWASP Top 10 2017 item A7 relating to cross-site scripting (XSS)
- recognize how cross-site scripting can be mitigated
- perform a fuzz test using OWASP ZAP
- identify insecure components, serialization, and XSS