Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

OWASP Top Ten Proactive Controls

LASCON via YouTube

Overview

Explore a comprehensive conference talk on the OWASP Top Ten Proactive Controls, delivered by Jim Manico at LASCON in 2013. Dive into fundamental security controls for software development, covering critical categories like Authentication, Access Control, Validation, Encoding, Query Parameterization, and Data Protection. Learn about secure requirements, architecture, and design principles essential for building robust applications. Gain insights on specific topics such as Apache Shiro, Role-Based Access Control, password defense strategies, multifactor authentication, and secure file upload techniques. Discover best practices for preventing cross-site scripting, implementing HTML encoding and sanitization, and utilizing cryptographic storage methods. This 50-minute developer track session provides valuable knowledge for architects and developers committed to incorporating essential security measures in every software project.

Syllabus

Introduction
Apache Shiro
RoleBased Access Control
Password Defense
Credential Specific Salt
Use an HSM
Use Bcrypt
Multifactor
Access Control
Query Parameterization
Ruby on Rails
Cold Fusion
Encoding
Crosssite scripting
HTML encoding
HTML input
OAuth HTML sanitizer
Other HTML sanitizers
File upload security
Certificate pinning
Cryptographic storage
Detection
Radio Button

Taught by

LASCON

Reviews

Start your review of OWASP Top Ten Proactive Controls

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.