Learn about the most important security concerns that you’ll need to address when developing websites, and what you can do to keep your servers, software, and data safe from harm.
Overview
Syllabus
Introduction
- The importance of security
- What is security?
- Why security matters
- What is a hacker?
- Threat models
- Total security is unachievable
- Least privilege
- Simple is more secure
- Never trust users
- Expect the unexpected
- Defense in depth
- Resilience
- Security through obscurity
- Deny-listing and allow-listing
- Map exposure points and data passageways
- Regulate requests
- Validate input
- Sanitize data
- Label variables
- Keep code private
- Keep credentials private
- Keep error messages vague
- Smart logging
- Types of credential attacks
- Strong passwords
- URL manipulation and Insecure Direct Object Reference (IDOR)
- SQL injection
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Cross-Site Request protections
- Cookie visibility and theft
- Session hijacking
- Session fixation
- Remote system execution
- File upload abuse
- Denial of service
- Next steps
Taught by
Kevin Skoglund
Related Courses
Related articles
Reviews
4.0 rating, based on 1 Class Central review
4.9 rating at LinkedIn Learning based on 103 ratings
-
a great course that helps me very much in understanding the concepts of web security A cyber security review provides an independent and in-depth assessment of the ability of an organisation to protect its information assets from the impact of cyber threats. The cyber security review aims to establish and validate the effectiveness of cyber security measures.
