Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

The Path of Secure Software Development - AppSec EU 2017

OWASP Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the path to secure software development in this OWASP Foundation conference talk from AppSec EU 2017. Delve into proactive security controls and techniques that developers can incorporate throughout the software development lifecycle. Learn how to defend against cyber attacks at the application layer by implementing security measures during the coding process. Discover real-world examples of solving prevalent internet security problems, including SQL injection and cross-site scripting (XSS). Examine the OWASP Top 10 Risks, Application Security Verification Standard (ASVS), and best practices for identity authentication, access control, and logging. Gain insights on parameterizing queries, using contextual encoding libraries, implementing strong cryptographic algorithms, and secure password storage. Understand the importance of early and frequent security verification, managing third-party components, and preventing information leakage. Ideal for developers and security professionals seeking to enhance application security from the ground up.

Syllabus

Intro
OWASP Top 10 Risks - 2013
Cyber attacks
OWASP Application Security Verification Standard (ASVS)
OWASP ASVS
Verify for Security Early and Often
SOL injection example
Parameterize Queries
XSS Example
Contextual Encoding Libraries
Example of Validations
2nd Order SQL Injection Example
CS. Implement Identity and Authentication Controls
Strong cryptographic algorithms
Secure Password Storage
C5. Password Storage - How Not To Do It!
C5. Error Messages - How Not To Do It!
C5. Risks Addressed
Implement Appropriate Access Controls
Implement Logging and Intrusion Detection
Risks Addressed - All Top Ten!
Current state of software
Unmanaged 3 Party Components
Don't leak information
@OWASP Controls

Taught by

OWASP Foundation

Reviews

Start your review of The Path of Secure Software Development - AppSec EU 2017

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.