Web Security and the OWASP Top 10: The Big Picture
OWASP Top 10 "The Big Picture" is all about understanding the top 10 web security risks we face on the web today in an easily consumable, well-structured fashion that aligns to the number one industry standard on the topic today.
What you'll learn
Security on the web is becoming an increasingly important topic for organisations to grasp. Recent years have seen the emergence of the hacktivist movement, the increasing sophistication of online career criminals and now the very real threat posed by nation states compromising personal and corporate security.
The Open Web Application Security Project gives us the OWASP Top 10 to help guide the secure development of online applications and defend against these threats.
This course takes you through a very well-structured, evidence-based prioritization of risks and, most importantly, how organizations building software for the web can protect against them.
Table of contents
OWASP stands for the Open Web Application Security Project - a helpful guide to the secure development of online applications and defense against threats. OWASP is free and open source, with access to an online community and helpful resources and tools for web application security.
The OWASP Top 10 is a document that outlines the most critical security risks to web applications for developers to be aware of. Examples of some of these security risks are broken authentication, security misconfigurations, and cross-site scripting (XSS).
You will learn about the top 10 web security risks we face on the web today. There is a module covering each risk. Those risks are:
- Broken authentication and session management
- Cross-site scripting (XSS)
- Insecure direct object references
- Security misconfiguration
- Sensitive data exposure
- Missing function level access control
- Cross-site request forgery (CSRF)
- Using components with known vulnerabilities
- Unvalidated redirects and forwards
Anyone who wants to learn about OWASP and the OWASP Top 10 should take this course. If you work with web security to any extent, you will find this course beneficial.
There are no strict prerequisites for this course, but it is an intermediate level, so some prior experience with web security will be helpful.