Course info
Level: Intermediate
Updated: Sep 24, 2019
Duration: 1h 24m
Description

Would you like to be able to recognize what a web application needs in order to manage sensitive data properly and prevent its unintended exposure? This course, Secure Coding: Preventing Sensitive Data Exposure, teaches practices based on the recommendations of the Open Web Application Security Project (OWASP). First, you will learn how to think about sensitive data and what constitutes sensitive data. Next, you will discover TLS, the protocol that protects sensitive data transmitted between a web browser and a web application, and the different facilities it provides to enable this protection. Finally, you will explore how to properly manage user passwords stored in a database. When you're finished with this course, you will have the knowledge needed to prevent sensitive data exposure effectively and efficiently in your own web applications.

About the author

Timothy Ghanim is a senior PKI developer specializing in development against PKI certification authorities (CAs), hardware security modules (HSMs), cryptography interfaces and commercial cryptography. Timothy has very good knowledge of software development practices, including architecture and design patterns. He is also able to develop and build an entire software development pipeline using Microsoft Visual Studio and Team Foundation Server.

Section Introduction Transcripts

Course Overview
(Music playing) Hi everyone, my name is Timothy Ghanim, and welcome to my course Secure Coding: Preventing Sensitive Data Exposure. I am a .NET software developer at Ziva International. If you are developing a web application, then the Open Web Application Security Project has a wide range of recommendations for you to protect your sensitive data against unintended exposure. In this course, we are going to look at two broad categories of attack vectors in a web application environment, which are data in transit and data at rest. Some of the major topics that we will cover include a theoretical background of the types of sensitive data, exploiting weaknesses, both at the web application and browser sides, to expose sensitive data in transit, different recommendations by OWASP to prevent attacks on data in transit, user password management, and OWASP recommendations for proper password protection. By the end of this course, you will have a strong foundational knowledge that can help you design secure web applications that properly protect user-sensitive data. Before beginning the course, you should be familiar with building web applications and have a basic understanding of networking protocols, such as DNS and HTTP. I hope you'll join me on this journey to learn how to properly prevent sensitive data exposure with the Secure Coding: Preventing Sensitive Data Exposure course at Pluralsight.