Dive into a comprehensive crash course on the OWASP API Security Top 10, 2023 edition. Explore each of the top 10 security risks in detail, learning techniques to fortify APIs against potential threats. Cover key concepts beyond the Top 10, including injections, insufficient logging and monitoring, and business logic flaws. Gain valuable insights from APIsec University and Corey Ball as they guide you through crucial API security topics. Understand how the OWASP Top 10 is compiled, mapped to external sources, and updated. By the end of this 1-2 hour course, acquire essential knowledge to enhance the security of your web applications and APIs.
Overview
Syllabus
⌨️ Welcome to APIsec University
⌨️ Introduction to OWASP API Security and Beyond!
⌨️ How the Course Works
⌨️ Course Objectives
⌨️ What is OWASP
⌨️ How is the Top 10 Compiled?
⌨️ Mapped to External Sources
⌨️ Updates to the OWASP API Security Top 10
⌨️ API1:2023 - Broken Object Level Authorization
⌨️ API2:2023 - Broken Authentication
⌨️ API3:2023 - Broken Object Property Level Authorization
⌨️ API4:2023 - Unrestricted Resource Consumption
⌨️ API5:2023 - Broken Function Level Authorization
⌨️ API6:2023 - Unrestricted Access to Sensitive Business Flows
⌨️ API7:2023 - Server Side Request Forgery
⌨️ API8:2023 - Security Misconfiguration
⌨️ API9:2023 - Improper Inventory Management
⌨️ API10:2023 - Unsafe Consumption of APIs
⌨️ Injections
⌨️ Insufficient Logging & Monitoring
⌨️ Business Logic Flaws
Taught by
freeCodeCamp.org
Related Courses
-
API Security with the OWASP API Security Top 10
-
Introduction to the OWASP API Security Top 10
-
OWASP Top 10 Vulnerabilities Course (How To)
-
OWASP Top 10 - A05:2021 - Security Misconfiguration
-
OWASP Top 10 Web Application Security Risks for ASP.NET
-
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)
