Testing in Postman: Security Testing

Postman 10    |    Beginner
  • 15 videos | 2h 13m 20s
  • Includes Assessment
  • Earns a Badge
Rating 4.3 of 4 users Rating 4.3 of 4 users (4)
Application programming interface (API) security testing is the practice of identifying and addressing vulnerabilities in the API server. Authentication and authorization play a pivotal role in securing APIs, but vulnerabilities may still emerge due to complex systems, rapid development, and third-party components. In this course, you will learn the basic building blocks of implementing application security. You will examine the Open Web Application Security Project (OWASP) Top 10 lists of application and API security vulnerabilities, which research and document the most common security vulnerabilities for applications and provide guidance on how these issues can be mitigated. Then you will set up an API server with basic authentication for security and set up success-flow and failure-flow tests. Next, you will explore defense strategies against structured query language (SQL) injection errors and write tests to inject malignant SQL queries to run against the back-end database. Finally, you will discover how SQL best practices can help mitigate SQL injection attacks.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Recall aspects of secure apps
    Outline causes of security vulnerabilities
    Provide an overview of api security
    Outline a01 -a04 of the open web application security project (owasp) top 10 application vulnerabilities
    Outline a05 - a10 of the owasp top 10 application vulnerabilities
    Outline the owasp top 10 api security issues
    Set up a local server with basic authentication
  • Perform security tests for basic authentication
    Create security tests for different types of requests
    Catch authentication failures with security tests
    Describe how structured query language (sql) injection works
    View how sql injection attacks are executed
    View the requests in the postman security collection
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 2m 6s
    In this video, we will discover the key concepts covered in this course. FREE ACCESS
  • 11m 42s
    After completing this video, you will be able to recall aspects of secure apps. FREE ACCESS
  • Locked
    3.  Causes of Security Vulnerabilities
    6m 41s
    Upon completion of this video, you will be able to outline causes of security vulnerabilities. FREE ACCESS
  • Locked
    4.  Application Programming Interface (API) Security
    10m 24s
    After completing this video, you will be able to provide an overview of API security. FREE ACCESS
  • Locked
    5.  The OWASP Top 10 Vulnerabilities - Part I
    11m 48s
    Upon completion of this video, you will be able to outline A01 -A04 of the Open Web Application Security Project (OWASP) Top 10 application vulnerabilities. FREE ACCESS
  • Locked
    6.  The OWASP Top 10 Vulnerabilities - Part II
    12m 50s
    After completing this video, you will be able to outline A05 - A10 of the OWASP Top 10 application vulnerabilities. FREE ACCESS
  • Locked
    7.  OWASP API Security Top 10
    9m 22s
    Upon completion of this video, you will be able to outline the OWASP Top 10 API security issues. FREE ACCESS
  • Locked
    8.  Setting up a Locally Running Server with Basic Authentication
    7m 5s
    In this video, find out how to set up a local server with basic authentication. FREE ACCESS
  • Locked
    9.  Performing Security Tests for Basic Authentication
    10m 27s
    During this video, you will learn how to perform security tests for basic authentication. FREE ACCESS
  • Locked
    10.  Creating Security Tests for Basic Authentication
    7m 11s
    Discover how to create security tests for different types of requests. FREE ACCESS
  • Locked
    11.  Detecting Authentication Failures with Tests
    8m 32s
    In this video, you will learn how to catch authentication failures with security tests. FREE ACCESS
  • Locked
    12.  Testing APIs for SQL Injection
    12m 43s
    After completing this video, you will be able to describe how structured query language (SQL) injection works. FREE ACCESS
  • Locked
    13.  Demonstrating SQL Injecting with Raw Queries
    10m 9s
    During this video, discover how to view how SQL injection attacks are executed. FREE ACCESS
  • Locked
    14.  Using the Postman Security Collection Workspace
    9m 19s
    In this video, you will learn how to view the requests in the Postman security collection. FREE ACCESS
  • Locked
    15.  Course Summary
    3m
    In this video, we will summarize the key concepts covered in this course. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course OWASP Top 10: A03:2021-Injection
Rating 4.6 of 344 users Rating 4.6 of 344 users (344)
Course API Testing: Getting Started with Postman & API Requests
Rating 4.0 of 2 users Rating 4.0 of 2 users (2)
Course OWASP Top 10: Securing Web Applications
Rating 4.6 of 1111 users Rating 4.6 of 1111 users (1111)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course CompTIA Security+ Crash Course Bootcamp (Sept 2023): Session 2 Replay
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)
Course Developing an AI/ML Data Strategy: Data Bias & Ethical Considerations in AI
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)
Course Querying SQL Databases: Prompt Engineering to Work with Advanced SQL Operations
Rating 4.0 of 1 users Rating 4.0 of 1 users (1)