Secure Coding
In the Secure Coding training course, Sunny Wear will show you how secure coding is important when it comes to lowering risk and vulnerabilities. Learn about XSS, Direct Object Reference, Data Exposure, Buffer Overflows, & Resource Management.
Course Description
About Cybrary’s Secure Coding Training Course
In this course, participants are introduced to the primary best practices of Secure Coding, including the following: • Lab Tools, vulnerable web apps OWASP Top 10 for 2013 • SANS Top 25 for 2011 • Active Defenses • Threat Modelling Knowing the principles behind secure coding carries a variety of benefits to individuals and employees who are writing code and building applications / software products. Some of the main benefits include: • Protection of applications • Protection of Intellectual property • Protection of Business Reputation • Government mandates (eg PCI_DSS/PA-DSS) The instructor also discusses how secure coding is important when it comes to lowering risk and vulnerabilities. Learn about XSS, Direct Object Reference, Data Exposure, Buffer Overflows, Resource Management, Active Defenses, and Threat Modeling. If you know what these vulns look like, then you will have a better chance of engineering products that prevent against them. This secure coding course is a non-language specific class that EVERY engineer should take! Instructor: @sunnywear Course Length: 9.5 hours Do you know someone who could benefit from this training class? Email them an invite and they can join you, and you earn cybytes!
Email them an invite
In this course, participants are introduced to the primary best practices of Secure Coding, including the following: • Lab Tools, vulnerable web apps OWASP Top 10 for 2013 • SANS Top 25 for 2011 • Active Defenses • Threat Modelling Knowing the principles behind secure coding carries a variety of benefits to individuals and employees who are writing code and building applications / software products. Some of the main benefits include: • Protection of applications • Protection of Intellectual property • Protection of Business Reputation • Government mandates (eg PCI_DSS/PA-DSS) The instructor also discusses how secure coding is important when it comes to lowering risk and vulnerabilities. Learn about XSS, Direct Object Reference, Data Exposure, Buffer Overflows, Resource Management, Active Defenses, and Threat Modeling. If you know what these vulns look like, then you will have a better chance of engineering products that prevent against them. This secure coding course is a non-language specific class that EVERY engineer should take! Instructor: @sunnywear Course Length: 9.5 hours Do you know someone who could benefit from this training class? Email them an invite and they can join you, and you earn cybytes!
Module 1: Introduction
Module 2: OWASP Top 10 A1 Injection
Module 3: OWASP Top 10 A2 Broken Authentication and Session Management
Module 4: OWASP Top 10 A3 Cross-site Scripting
Module 5: OWASP Top 10 A4 Insecure Direct Object Reference
Module 6: OWASP Top 10 A5 Security Misconfiguration
Module 7: OWASP Top 10 A6 Sensitive Data Exposure
Module 8: OWASP Top 10 A7 Missing Function Level Access Control
Module 9: OWASP Top 10 A8 Cross-site Request Forgery
Module 10: OWASP Top 10 A9 Using Components with Known Vulns
Module 11: OWASP Top 10 A10 Unvalidated Redirects and Forwards
Module 12: CWE SANS Top 25 Buffer Overflows
Module 13: CWE SANS Top 25 Insecure Interaction Between Components
Module 14: CWE SANS Top 25 Risky Resource Management
Module 15: CWE SANS Top 25 Porous Defenses
Module 16: Honorable Mentions
Module 17: Active Defenses
Module 18: Threat Modeling