Details
- 11 Sections
- 28 Lessons
- 3 Days
- OWASP Intro (3 lessons)
  - 1.1 Refresher on the HTTP Protocol
  - 1.2 Web Application Architecture
  - 1.3 Briefing on OWASP and the Top 10
- Broken Access Control (2 lessons)
  - 2.1 CORS
  - 2.2 Parameter Tampering
- Identification and Authentication Failures (3 lessons)
  - 3.1 Brute-Force Attacks and Weak passwords
  - 3.2 Credential Stuffing
  - 3.3 SSO and MFA: security myths
- Injection (2 lessons)
  - 4.1 SQL Injection
  - 4.2 Data validation
- Server-Side Request Forgery (3 lessons)
  - 5.1 XXE attack
  - 5.2 TOCTOU (Race Condition)
  - 5.3 Network Segmentation
- Security Misconfiguration (2 lessons)
  - 6.1 Error Handling Failures
  - 6.2 Environment Hardening
- Insecure Design (3 lessons)
  - 7.1 DevOps and Security
  - 7.2 Threat Modeling
  - 7.3 Network Segmentation
- Cryptographic Failures (2 lessons)
  - 8.1 Certificates and Secure Channels
  - 8.2 Data Security at Rest
- Vulnerable and Outdated Components (2 lessons)
  - 9.1 Vulnerability Assessments and tools
  - 9.2 Patch Management
- Software and Data Integrity Failures (3 lessons)
  - 10.1 Trusted Repositories
  - 10.2 Case of the SolarWinds Sunburst Attack
  - 10.3 Insecure Deserialization
- Security Logging and Monitoring Failures (3 lessons)
  - 11.1 Log Storage & Format
  - 11.2 Incident Handling
  - 11.3 Digital Forensics