role-iq-logo
Rock [Azure]
See all Azure roles

Secure Coding: Preventing Insecure Deserialization

This course will teach you the basics of serialization and deserialization, including serialization file formats, what insecure deserialization is, and how to prevent that type of vulnerability from occurring in your code.
Course info
Rating
(46)
Level
Intermediate
Updated
Mar 21, 2018
Duration
1h 2m
Table of contents
Description
Course info
Rating
(46)
Level
Intermediate
Updated
Mar 21, 2018
Duration
1h 2m
Description

As a developer, it is important to be familiar with common vulnerabilities that are often encountered in web application. Insecure deserialization is one of those vulnerabilities, ranking 8th in the OWASP Top 10 2017. In this course, Secure Coding: Preventing Insecure Deserialization, you will learn how to properly defend yourself against that particular vulnerability First, you will learn about the basics of serialization and deserialization, and about the various serialization file formats. Next, you will discover what insecure deserialization actually is, and how it can be exploited: In order to fix the problem, you need to know what can go wrong. Finally you will explore how to properly prevent insecure deserialization in any development language or framework. By the end of this course, you will have the secure coding skills and knowledge needed to prevent insecure deserialization vulnerabilities from creeping into your application.

About the author
About the author

Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. Since 2004, he started specializing in pentesting complex and feature-rich web applications. Currently, he leads a global team of highly skilled and enthusiastic penetration testers as lead pentester.

More from the author
Performing DevSecOps Automated Security Testing
Intermediate
2h 39m
Jul 28, 2020
More courses by Peter Mosmans
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
[Autogenerated] Hi, everyone. My name is Peter Moss Mons and welcome to my course. Secure coding preventing insecure the serialization. I'm a lead ___________ tester working for multiple companies around the globe knew in the Old West, up 10 of 2017 at number eight, Insecure the serialization. Apparently, it's Dean's quite a critical risk for weapons ligations. But what is insecure, the serialization and how can you mitigate the risks in this course, we're going to take a look at the serialization and de serialization process. We're going to try to exploit some vulnerabilities, and we're going to see effective, secure solutions. Some off The major topics that will cover include what serialization and the sterilization is the failures, serialization file formats, insecure patterns that offer little to no protection and how to security, implement and apply the serialization. But if this course you'll know about which mitigation strategies work and won't work and why, before beginning, of course, you should be somewhat familiar with software development. The course itself is for anyone wanting to know what insecure de serialization is and how to prevent those vulnerabilities from creeping into your cold. I hope you join me on this journey to learn more about secure coding with the insecure thesis utilization course here at rural sides