Broken access controls can expose information and functionality in your service to unauthorized users and are currently among the top vulnerabilities found in software. You need to understand those vulnerabilities in order to defend against potential attackers. In this course, Secure Coding: Preventing Broken Access Control, you will gain the ability to protect your code from access control vulnerabilities. First, you will learn to understand vulnerabilities and potential attacks against them. Next, you will discover some of the key principles associated with defensive code. Finally, you will explore how to write clean, readable, defensive code. When you are finished with this course, you will have the skills and knowledge needed to protect your code from access control vulnerabilities.
Course Overview [Autogenerated]

Hi, everyone. My name is Gavin Johnson Lynn, and welcome to my course, Secure Coding: Preventing Broken Access Control. I've worked in software development for a number of years, and I'm currently an offensive security specialist, improving the security of software and the business around me. Broken access control refers to a range of software vulnerabilities, which are some of the most common vulnerabilities in software today. They can expose a wide variety of information and functionality to unauthorized users, although they're often straightforward to fix. In this course, we're going to understand how a real attacker can find and attack these vulnerabilities. This lets us see how our code could be exploited in a realistic scenario. Armed with this information, we'll then look at the defenses we can apply to our code. Some of the major topics that we'll cover include forced browsing to find hidden functionality, traversing directories for unauthorized file access, manipulating parameters to alter the results, and finding insecure direct object references. By the end of this course, you'll have some simple yet effective defenses that protect you from a range of broken access control vulnerabilities. Before beginning the course, you should have some experience with software development and, ideally, some knowledge of client-server communication, such as a browser talking to a web server or an application talking to a web-based API. I hope you'll join me on this journey to learn to code securely with the Secure Coding: Preventing Broken Access Control course at Pluralsight.