Course

Skills

Secure Coding in Go

Golang (Go) is used to build mission critical applications handling sensitive data. This course will teach you how to implement the most common security requirements and defenses recommended by OWASP in your Golong (Go) applications.

Preview this course

What you'll learn

Ready to become an expert in web security? In this course, Secure Coding in Go, if you are an intermediate learner looking to master web security, you will learn advanced techniques that will enable you to implement military-grade security defenses in Golang (Go) web applications. First, you'll explore the core concepts behind web security, including the theory and architecture as defined by the OWASP community. Next, you'll also gain awareness of the OWASP Top Ten threats, and how to apply an appropriate level of coverage and rigor when it comes to performing web application security verification based on the ASVS (Application Security Verification Standard). Finally, you'll learn about the OWASP Top Ten Proactive controls, the concrete techniques used to defend web applications. By the end of this course, you'll have the skills and knowledge needed to understand the most advanced techniques used to implement sophisticated security frameworks in any Golang (Go) web application.

Course Overview

2mins

Course Overview 2m

Software Security and Risk Principles

21mins

The Fundamentals of Software Security 3m
Web Security and Go 2m
OWASP the Open Web Application Security Project and Go 3m
The OWASP Top 10 5m
Go and the OWASP Top 10 Proactive Controls 1m
Mapping Security Requirements with the OWASP ASVS 3m
Demo: Forking and Customizing the ASVS GitHub Repository 3m
Summary 2m

Input Validation

20mins

Overview 2m
Whitelisting 3m
Boundary Checking 3m
Character Escaping 2m
Numeric Validation 1m
Checking for Null Bytes 2m
Checking for Newline Characters 3m
Checking for Path Alteration Characters 2m
Checking for Extended Utf8 Encoding 2m
Summary 1m

Output Encoding

17mins

Overview 1m
An Intro to XSS 2m
Types of XSS Attack 3m
Demo: Preventing XSS Attacks with Output Encoding 4m
SQL Injection 6m
Summary 1m

Authentication and Password Management

22mins

Overview 1m
Introduction to Authentication 1m
Types of Authentication 1m
Common Authentication Protocols 1m
Secure Communication Protocols 2m
Password Security Best Practices 1m
Password Storage Options 2m
Demo: Single Factor Authentication 4m
Password Policies 2m
Password Reset Functionality 2m
Demo: Multi Factor Authentication 5m
Summary 1m

Session Management

20mins

Overview 2m
Session Management Controls 2m
Secure Session Identifiers 2m
Session Integrity 3m
Tokens and Logout 2m
Demo: Secure Session Management 7m
Summary 2m

Access Control

15mins

Overview 2m
Files and Other Resources 2m
Protected URLs 2m
Protected Functions 2m
Direct Object References 2m
Services and Application Data 1m
Data Attributes and Policy Information 1m
Best Practices 2m
Summary 1m

Cryptographic Practices

14mins

Overview 1m
Hashing 2m
Demo: Hashing 2m
Encryption 3m
NaCL 2m
Demo: Encryption 2m
Cryptographic Practices 1m
Summary 2m

Error Handling and Logging

20mins

Overview 1m
Error Handling 1m
Effective Error Handling 6m
Logging 1m
Effective Logging 2m
Logging Best Practices 2m
Advanced Logging 2m
More Best Practices 2m
Ensuring Log File Integrity 2m
Summary 1m

Data Protection

14mins

Overview 2m
Managing Sensitive Information 2m
Scrubbing URLs 3m
Information Is Power 2m
Encryption Is the Key 2m
Disable What You Don't Need 2m
Cache Protection 2m
Summary 1m

Communication Security

26mins

Overview 2m
HTTP TLS 13m
Websockets 9m
Summary 2m

System Configuration

12mins

Overview 2m
Demo: Directory Listings 4m
Remove Disable What You Don't Need 2m
Implement Better Security 3m
Asset Management System 1m
Summary 2m

Database Security

15mins

Overview 3m
Best Practices 2m
Database Authentication 2m
Database Connections 3m
Parameterised Queries 2m
Stored Procedures 2m
Summary 1m

File Management

9mins

Overview 2m
Best Practices 3m
Demo: Capturing and Validating Files 2m
Summary 2m
Parameterised Queries 2m
Stored Procedures 2m
Summary 1m

General Coding Practices

19mins

Overview 2m
Memory Management 2m
Cross-site Request Forgery 9m
Regular Expressions 4m
Summary 2m

Memory Management

0mins

New Module

0mins

About the author

Paul Mooney

Paul is an accomplished cybersecurity expert known for building military-grade security systems and developing robust protection against malicious bots. As Chief Software Architect for a major US healthcare group, Paul excels in implementing secure solutions for critical environments. With his knowledge and hands-on experience, you will gain practical insights to construct cutting-edge security systems and defend against evolving cyber threats. By watching Paul's courses, you will acquire the sk... more

See more courses by Paul Mooney

Ready to upskill? Get started

Contact Sales

Secure Coding in Go

What you'll learn

Table of contents

About the author

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill up
your entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Contact Sales

Secure Coding in Go

What you'll learn

Table of contents

About the author

Get access now

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Ready to skill upyour entire team?

With your Pluralsight plan, you can:

With your 30-day pilot, you can:

Support

Community

Company

Industries

Newsletter

Ready to skill up
your entire team?

Ready to skill up
your entire team?