Prepare for the ninth and tenth most common vulnerabilities on the 2021 OWASP Top 10 List: security logging and monitoring failures and server-side request forgery.
OWASP Top 10: #9 Components with Known Vulnerabilities and #10 Insufficient Logging and Monitoring
Overview
Syllabus
Introduction
- 2021 OWASP Top 10
- OWASP Top 10 series
- What are security monitoring and logging failures?
- Example 1: 2018 Starwood data breach
- Example 2: 2021 South Georgia Medical Center insider threat
- Prevention technique: Ensure logging includes sufficient user context
- Prevention technique: Ensure monitoring and alerting are active and consistent
- Prevention technique: Establish an incident response and recovery plan
- What is Server-Side Request Forgery (SSRF)?
- Example 1: 2019 Capital One breach
- Example 2: 2017 GitHub Enterprise chained exploits
- Prevention technique: Network layer prevention techniques
- Prevention technique: Application layer
- Prevention technique: Require authentication for internal services
- Explore more of the OWASP Top 10
Taught by
Caroline Wong
Related Courses
-
OWASP Top 10: Server Side Request Forgery
-
OWASP Top 10 - Risks 6-10
-
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)
-
OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures
-
OWASP Top 10: Security Logging and Monitoring Failures
-
OWASP API Security Top 10 Course – Secure Your Web Apps
5.0
