Play by Play: OWASP Top 10 2017
In this course, you’ll learn the risks that made the 2017 OWASP Top 10 and how best to utilize the OWASP Top 10 in your organization.
What you'll learn
Play by Play is a series in which top technologists work through a problem in real time, unrehearsed, and unscripted. In this course, Play by Play: OWASP Top 10 2017, Troy Hunt and Andrew van der Stock discuss the methodology used to construct the 2017 version of the OWASP Top 10. You’ll learn how the analysis of the data collected resulted in a reordering of the risks from the 2013 version, the inclusion of new risks, and the demotion of some risks that were included in previous versions. By the end of this course, you’ll be familiar with each risk and understand how best to use the 2017 OWASP Top 10.
Table of contents
- A1: Injection 4m
- A2: Broken Authentication 8m
- A3: Sensitive Data Exposure 4m
- A4: XML External Entities (XXE) 1m
- Employing OWASP ZAP to Exploit XXE 10m
- A5: Broken Access Control 3m
- A6: Security Misconfiguration 1m
- Integrating Security into the Software Development Lifecycle 3m
- A7: Cross-Site Scripting (XSS) 2m
- A8: Insecure Deserialization 7m
- A9: Using Components with Known Vulnerabilities 7m
- A10: Insufficient Logging & Monitoring 4m