OWASP Top 10 Web Application Security Risks for ASP.NET

This course introduces the OWASP Top 10 Most Critical Web Application Security Risks including how to demonstrate and mitigate them in ASP.NET.
Course info
Rating
(1056)
Level
Intermediate
Updated
Apr 30, 2013
Duration
8h 6m
Table of contents
Introduction
Injection
Cross Site Scripting (XSS)
Broken Authentication and Session Management
Insecure Direct Object References
Cross Site Request Forgery (CSRF)
Security Misconfiguration
Insecure Cryptographic Storage
Failure to Restrict URL Access
Insufficient Transport Layer Protection
Unvalidated Redirects and Forwards
Description
Course info
Rating
(1056)
Level
Intermediate
Updated
Apr 30, 2013
Duration
8h 6m
Description

Web applications today are being hacked with alarming regularity by hacktivists, online criminals and nation states. Very frequently, it is the same prevalent security risks being exploited which is why the Open Web Application Security Project (OWASP) developed their list of Top 10 Most Critical Web Application Security Risks to help developers build more secure software. This course helps developers apply the Top 10 in ASP.NET using both web forms and MVC by walking through an overview of the risk, demonstrating how it can be exploited in .NET and then delving into the various approaches available to mitigate it by applying security in depth.

Course FAQ
Course FAQ
Who is OWASP?

OWASP is the Open Web Application Security Project - a global nonprofit organization whose focus is on improving web security.

What is the OWASP Top 10?

OWASP publishes a Top Ten list of the current most vulnerable security risks posed to web applications.

Is my web app vulnerable?

Something to remember is that nobody is safe from determined attackers - but don't let yourself be a low-hanging fruit.

What will I learn in this course?

While the OWASP Top 10 is technology agnostic, in this guide, we will be looking specifically at ASP.NET security.

What prerequisites are needed?

You will need a working knowledge of the .NET platform as this course is designed to show you how to locate and how to implement security in ASP.NET web applications.

Who is this course for?

This course is aimed at developers who want to protect their web apps from common security exploits.

About the author
About the author

Troy Hunt is a Microsoft Regional Director and MVP for Developer Security. He's a regular conference speaker, frequent blogger at troyhunt.com and is the creator of the data breach notification service known as “Have I Been Pwned”.

More from the author
Ethical Hacking: Denial of Service
Beginner
2h 50m
Sep 17, 2019
Ethical Hacking: SQL Injection
Beginner
5h 26m
Sep 16, 2019
Ethical Hacking: Session Hijacking
Beginner
3h 28m
Sep 16, 2019
More courses by Troy Hunt