Description
In this course, you will:
- Examine how OWASP generates the Top Ten list, including where it comes from, how the severity of each risk is calculated, and how each risk's rank is determined.
- Examine the potential disparity between OWASP's ranking and your own organization's ranking, depending on your requirements.
- Investigate issues such as broken access control, cryptographic failures, injection attacks, insecure design, and security misconfiguration. We'll use demos, graphics, and real-world examples to help you understand the specifics of each risk.
- Examine Vulnerable and Outdated Components, Failures in Identification and Authentication, Software and Data Integrity, Security Logging and Monitoring Failures, and Server-Side Request Forgery (SSRF). We'll use demos, graphics, and real-world examples to help you understand the specifics of each risk.
- Learn about three very relevant security risks that were merged into larger topics in the OWASP Top Ten 2021 list. It is still critical to understand the specifics of how these risks operate.
- Investigate XML External Entities (XXE), Cross-Site Scripting (XSS), and Insecure Deserialization.
Syllabus:
- OWASP Top 10 - Welcome and Risks 1-5
- OWASP Top 10 - Risks 6-10
- Previous OWASP Risks