Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

How to Stop Man-in-the-Middle and Downgrade Attacks in Your Apps

via Pluralsight

Overview

Securing communications over untrusted networks is a critical element of security for any modern application. In this course, you will learn how to simulate man-in-the-middle attacks to test for these problems, and learn how to prevent them.

While one of the cornerstones of application security is securing communications over untrusted networks, far too often developers and operations personnel get tripped up by the many pitfalls of implementation, often resulting in the complete failure to secure data on the wire. In this course, you'll learn how adversaries can gain access to other users' communications through a variety of techniques, and prevention strategies. The course covers specific topics ranging from the SSL/TLS certificate authority system, to secure web session management and mobile communications security. You'll also learn how to conduct simulated man-in-the-middle attacks to empirically test SSL/TLS certificate validation in realistic scenarios. By the end of this course, you'll have a thorough understanding of techniques to prevent interception and make applications more secure.

Syllabus

  • Course Overview 1min
  • Overview and PKI Crash Course 45mins
  • Exercise: Certificate Validation Testing 35mins
  • A Short History of SSL/TLS Protocol Flaws 25mins
  • Web-oriented Man-in-the-Middle Attacks 39mins

Taught by

Tim Morgan

Reviews

4.3 rating at Pluralsight based on 21 ratings

Start your review of How to Stop Man-in-the-Middle and Downgrade Attacks in Your Apps

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.