Modern Browser Security Reports

By Scott Helme and Troy Hunt
In this course, you’ll learn a number of browser security reporting features and how to implement them on any website.
Play course overview
Course info
Rating
(44)
Level
Beginner
Updated
Aug 3, 2018
Duration
57m
Table of contents
Course Overview
Course Overview 1m
Importance of Browser Security Reporting
Introduction 2m
Content Security Policies (CSP) Reporting
CSP Overview 10m Compatibility and Support with CSP 2m Report URI Demo 5m
HTTP Public Key Pinning Reporting
Reporting Constructs Overview 2m HPKP Usage Examples 3m How HPKP Works 5m
Certificate Authority Authorization (CAA) Reporting
CAA Overview and How It Works 5m
Certificate Transparency (CT) Reporting
CT Overview and How It Works 5m Reporting with CT 5m
Cross-site Scripting (XSS) Reporting
XSS Overview and How It Works 6m Browser Security Header Adoption Rates 4m
Wrap-up
Course Recap 1m
Description
Course info
Rating
(44)
Level
Beginner
Updated
Aug 3, 2018
Duration
57m
Description

In this course, Modern Browser Security Reports, Troy Hunt and Scott Helme discuss how browsers have evolved in recent years to provide a range of new security constructs and increasingly involve the ability to report back to site owners when something unexpected of a security nature occurs. Learn the features of content security policies, HTTP public key pinning, certificate authority authorization, certificate transparency, and cross-site scripting reporting. By the end of this course, you’ll be able to implement browser security reporting features on any website.

About the author
Scott Helme
About the author

Scott Helme is a security researcher, consultant, and international speaker. He can often be found talking about web security and performance online and helping organizations better deploy both.

Troy Hunt
About the author

Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.

More from the author
Ethical Hacking: Denial of Service
Beginner
2h 49m
Sep 17, 2019
Ethical Hacking: SQL Injection
Beginner
5h 25m
Sep 16, 2019
Ethical Hacking: Session Hijacking
Beginner
3h 27m
Sep 16, 2019
More courses by Troy Hunt
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi, this is Troy Hunt, I'm an Australian Pluralsight author of many different courses about how to secure your online things, and I've got a particular passion for web security. Hi, I'm Scott Helme, a UK-based security researcher and founder of Report URI and securityheaders. com. We're going to talk about a whole heap of modern web security standards, thigs like CSP, HPKP, CAA, CT, XSS, and a bunch of other acronyms I haven't even touched on. We're also going to talk about how the browser can report on each one of these security constructs. If there's an error on your website or the browser detects an attack, it can call back and tell you in real time that it's happening. I really enjoyed teaming up with Scott Helme on this course. He's one of the foremost experts in the area of modern browser security headers. I hope you'll join Scott and I in this Play by Play on Modern Browser Security Reporting.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT