Welcome again to the realm of web security, where millions of dollars and people’s lives are on the line. Not every web application has that much on the line, but many do, and it’s your job as the developer or manager to keep your users safe! From protecting static web sites to the most complex of web services and APIs, every web developer should be aware of, and adept at, writing secure code and building systems that can stand up to the strongest of malicious users.
In this course, we will build on earlier courses in basic web security by diving into the OWASP Top 10 for Node.js and JavaScript. The OWASP Top 10 is a trusted knowledge framework that covers the top 10 major web security vulnerabilities and provides information on how to mitigate them. Throughout this course, we will explore each vulnerability in general and in the scope of how it occurs in JavaScript (as the frontend) and Node.js (as the backend).
What you'll learn
- Injection
- Broken Authentication
- XSS
- CSRF
- Broken Access Controls
- Sensitive Data Exposure
- Insecure Direct Object References
- Misconfiguration
- Insecure Components
- Redirects