Secure Programmer: Vulnerabilities

Intermediate
  • 19 videos | 1h 11m 37s
  • Includes Assessment
  • Earns a Badge
Rating 4.5 of 186 users Rating 4.5 of 186 users (186)
Explore various software vulnerability topics in this 19-video, which opens with a look at specific security vulnerabilities and how to program counter techniques. Then learners receive three tutorials on the OWASP (Open Web Application Security Project) Top 10 vulnerabilities: SQL injection, broken authentication, and cross-site scripting; broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection; and cross-site request forgery, using components with known vulnerabilities, and under protected application programming interfaces (APIs). Examine use of threat models including STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation), PASTA (the Process for Attack Simulation and Threat Analysis), DREAD (Damage, Reproductibility, Exploitability, Affected Users, Discoverability), and SQUARE (Security Quality Requirements Engineering). Use CVE (common vulnerabilities and exposures) vulnerability scoring, and examine Java, Python, C#, and Javascript SQL secure coding examples. Implement Python secure coding to combat SQL vulnerability; C# to combat common code vulnerabilities, and Javascript to combat Cross Site Scripting attacks. Use Common Vulnerability Scoring System (CVSS), and finally, use OWASP Zap and Vega vulnerability scanners to test websites for common vulnerabilities.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Describe specific security vulnerabilities and recognize how to program counter techniques
    Describe owasp top 10 vulnerabilities including sql injection, broken authentication, and cross-site scripting
    Describe owasp top 10 vulnerabilities including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection
    Describe owasp top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected apis
    Describe and use threat models including stride, pasta, dread, and square
    Describe and use cve vulnerability scoring
    Implement java secure coding to combat rhino script vulnerability
    Implement python secure coding to combat remote code execution vulnerability
    Implement c# secure coding to combat sql injection vulnerability
  • Implement javascript secure coding to combat sql injection vulnerability
    Implement java secure coding to combat sql injection vulnerability
    Implement python secure coding to combat a variety of security vulnerabilities
    Implement c# secure coding to combat common code vulnerabilities
    Implement javascript secure coding to combat cross site scripting attacks
    Use cvss scoring for vulnerabilities
    Use owasp zap vulnerability scanner to test web sites for common vulnerabilities
    Use vega vulnerability scanner to test web sites for common vulnerabilities
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 25s
  • 3m 56s
    After completing this video, you will be able to describe specific security vulnerabilities and recognize how to program countermeasures. FREE ACCESS
  • Locked
    3.  OWASP Top 10 - Part A
    3m 40s
    Upon completion of this video, you will be able to describe OWASP Top 10 vulnerabilities, including SQL injection, broken authentication, and cross-site scripting. FREE ACCESS
  • Locked
    4.  OWASP Top 10 - Part B
    7m 5s
    Upon completion of this video, you will be able to describe the OWASP Top 10 vulnerabilities, including broken access control, security misconfiguration, sensitive data exposure, and insufficient attack protection. FREE ACCESS
  • Locked
    5.  OWASP Top 10 - Part C
    3m 57s
    After completing this video, you will be able to describe OWASP Top 10 vulnerabilities including cross-site request forgery, using components with known vulnerabilities, and underprotected APIs. FREE ACCESS
  • Locked
    6.  Threat Models
    5m 20s
    After completing this video, you will be able to describe and use threat models including STRIDE, PASTA, DREAD, and SQUARE. FREE ACCESS
  • Locked
    7.  Common Vulnerabilities and Exposures
    1m 59s
    Upon completion of this video, you will be able to describe and use the CVE vulnerability scoring system. FREE ACCESS
  • Locked
    8.  Java Rhino Script Vulnerability
    3m 49s
    Find out how to implement Java secure coding to combat the Rhino Script vulnerability. FREE ACCESS
  • Locked
    9.  Python Remote Code Execution Vulnerability
    3m 38s
    Find out how to implement Python secure coding to combat Remote Code Execution Vulnerability. FREE ACCESS
  • Locked
    10.  C# SQL Injection Vulnerability
    3m 27s
    In this video, learn how to implement C# secure coding to prevent SQL Injection Vulnerability. FREE ACCESS
  • Locked
    11.  JavaScript SQL Injection Vulnerability
    4m 1s
    In this video, find out how to implement secure coding in JavaScript to combat SQL Injection Vulnerability. FREE ACCESS
  • Locked
    12.  Java SQL Injection Vulnerability
    3m
    Find out how to implement Java secure coding to combat SQL Injection Vulnerability. FREE ACCESS
  • Locked
    13.  Python Common Vulnerabilities
    3m 55s
    In this video, you will learn how to use Python secure coding to combat a variety of security vulnerabilities. FREE ACCESS
  • Locked
    14.  C# Common Vulnerabilities
    3m 39s
    Find out how to implement C# secure coding to prevent common code vulnerabilities. FREE ACCESS
  • Locked
    15.  JavaScript Cross Site Scripting Attacks
    3m 39s
    Find out how to implement secure JavaScript coding to combat Cross Site Scripting attacks. FREE ACCESS
  • Locked
    16.  Using the Common Vulnerability Scoring System (CVSS)
    4m 53s
    In this video, you will learn how to use CVSS scoring for vulnerabilities. FREE ACCESS
  • Locked
    17.  Using OWASP Zap Web Vulnerability Scanner
    4m 26s
    In this video, find out how to use the OWASP Zap vulnerability scanner to test web sites for common vulnerabilities. FREE ACCESS
  • Locked
    18.  Using Vega Web Vulnerability Scanner
    4m 16s
    Find out how to use Vega Vulnerability Scanner to test websites for common vulnerabilities. FREE ACCESS
  • Locked
    19.  Course Summary
    1m 32s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course Information Security for Leaders: Elements of InfoSec
Rating 4.6 of 5 users Rating 4.6 of 5 users (5)
Course Certified in Cybersecurity (CC): Data Security & System Hardening
Rating 4.4 of 17 users Rating 4.4 of 17 users (17)
Channel Writing Secure Code
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Network Discovery Tools and Techniques
Rating 4.4 of 116 users Rating 4.4 of 116 users (116)
Course Secure Programmer: Software Design Techniques
Rating 4.6 of 128 users Rating 4.6 of 128 users (128)
Course CompTIA PenTest+: Application-based Attacks
Rating 4.5 of 125 users Rating 4.5 of 125 users (125)