In this course, you will learn the basics of secure web applications. You will start by learning about OWASP and the Top 10 list of vulnerabilities within web applications. You will also learn how to do Static code scans using special software and even how to manually test a web application.
Overview
Syllabus
- Introduction to Application Security
- Welcome to Application Security, but before we start let's learn a little about who I am and the history of application security.
- Common Web Application Vulnerabilities
- In this lesson we will go over who is OWASP and talk about the OWASP Top 10 and recommendations/best practices to mediate them.
- Web Penetration Testing
- In this lesson we will go over techniques used to conduct penetration testing on a web application.
- Discovery Methodologies
- In this lesson we will go over Static Application Security Testing and how to read/modify them.
- Vulnerability Response
- In this section we are going to focus on report writing and how to calculate severity using CVSS v3.1.
- Mitigation and Verification
- We learned how to find and document all vulnerabilities, but we are not done just yet. Now we need to focus our efforts on communicating with the development and QA teams to achieve a more secure app.
- Vulnerable Web Application
- You are hired by a startup to identify how their web application was breached, what vulnerabilities do they have, and make recommendations on how they can mitigate these vulnerabilities.
Taught by
Dev Badlu