A10 and A9: API and Component Attacks

OWASP | Intermediate

12 videos | 49m 11s
Includes Assessment
Earns a Badge

(336)

From Channel:

OWASP

OWASP Top 10 list items 10 and 9 are exploits of APIs and components of web applications.

WHAT YOU WILL LEARN

Define what an underprotected api is

Describe how underprotected apis can be exploited and what kind of access is needed to exploit it

Describe how easy it is to detect underprotected apis and how common they are

List the technical and business impacts of underprotected apis

Provide examples of underprotected api attacks

Specify what a vulnerable component is
Describe how vulnerable components can be exploited and what kind of access is needed to exploit them

Describe how easy it is to detect vulnerable components and how common they are

List the technical and business impacts of vulnerable components

Provide examples of vulnerable component attacks

Purchase merchandise at an unauthorized discount

Describe what a10 and a9 are and how they affect web application security

IN THIS COURSE

7m 13s

In this video, you will learn how to define what an API is that is underprotected. FREE ACCESS
3m 38s

After completing this video, you will be able to describe how underprotected APIs can be exploited and what kind of access is needed to exploit them. FREE ACCESS
3. A10 - Underprotected API Detection

8m 17s

Upon completion of this video, you will be able to describe how easy it is to detect underprotected APIs and how common they are. FREE ACCESS
4. A10 - Unprotected API Impacts

3m 48s

Upon completion of this video, you will be able to list the technical and business impacts of unprotected APIs. FREE ACCESS
5. A10 - Unprotected API Examples

3m 29s

After completing this video, you will be able to provide examples of underprotected API attacks. FREE ACCESS
6. A9 - Using Components with Known Vulnerabilities

3m 21s

After completing this video, you will be able to specify what a vulnerable component is. FREE ACCESS
7. A9 - Vulnerable Component Exploits

2m 12s

After completing this video, you will be able to describe how vulnerable components can be exploited and what kind of access is needed to exploit them. FREE ACCESS
8. A9 - Vulnerable Component Detection

4m 7s

Upon completion of this video, you will be able to describe how easy it is to detect vulnerable components and how common they are. FREE ACCESS
9. A9 - Vulnerable Component Impacts

4m 7s

Upon completion of this video, you will be able to list the technical and business impacts of vulnerable components. FREE ACCESS
10. A9 - Vulnerable Component Attacks

4m 44s

After completing this video, you will be able to provide examples of vulnerable component attacks. FREE ACCESS
11. A9 - Shopping Cart Component Flaw

2m 16s

In this video, you will learn how to purchase merchandise at a discount without authorization. FREE ACCESS
12. Exercise: A10 and A9 Security Risks

2m

Upon completion of this video, you will be able to describe what A10 and A9 are and how they affect web application security. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

Course OWASP Top 10: A1 - Injection

(119)

Course OWASP Top 10: A01:2021-Broken Access Control

(276)

Channel OWASP

(1)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course OWASP Top 10: A04:2021-Insecure Design

(219)

Course Certified Secure Software Lifecycle Professional (CSSLP) 2019: Secure Coding Practices

(498)

Course A8 and A3: Cross-Site Attacks

(439)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills and Salary Report

ESG Impact Report

A10 and A9: API and Component Attacks

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE