Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Stanford University

Web Security

Stanford University via YouTube

Overview

This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers to improve their understanding of web security issues. We'll be covering the fundamentals as well as the state-of-the-art in web security.

Topics include: Principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, and techniques for writing secure code. Course projects include writing security exploits, defending insecure web apps, and implementing emerging web standards. Instructor: Feross Aboukhadijeh (https://feross.org)

Syllabus

Web Security - Lecture 01 - What is Web Security? HTML & JavaScript Review.
Web Security - Lecture 02 - HTTP, Cookies, Sessions.
Web Security - Lecture 03 - Session Attacks.
Web Security - Lecture 04 - Cross-Site Request Forgery, Same Origin Policy.
Web Security - Lecture 05 - Exceptions to the Same Origin Policy.
Web Security - Lecture 06 - Cross-Site Scripting (XSS).
Web Security - Lecture 07 - Cross-Site Scripting Defenses.
Web Security - Lecture 08 - Fingerprinting and Privacy on the Web - Pete Snyder.
Web Security - Lecture 09 - Denial-of-service, Phishing, Side Channels.
Web Security - Lecture 10 - Code Injection.
Web Security - Lecture 11 - Transport Layer Security.
Web Security - Lecture 12 - HTTPS in the Real World - Emily Stark & Chris Palmer.
Web Security - Lecture 13 - Authentication.
Web Security - Lecture 14 - WebAuthn - The future of user authentication - Lucas Garron.
Web Security - Lecture 16 - Managing security concerns in a large Open Source project - Myles Borins.
Web Security - Lecture 17 - Server security: Safe coding practices.
Web Security - Lecture 18 - Local HTTP server security.
Web Security - Lecture 19 - DNS rebinding attacks.
Web Security - Lecture 20 - Browser architecture, Writing secure code.

Taught by

Feross

Reviews

4.7 rating, based on 49 Class Central reviews

Start your review of Web Security

  • Loved the content, I was looking for some random stuff to do as I was free but ended up doing this whole course , A hundred percent recommended for web security and ethical hacking

  • Profile image for Hamit Bisane
    Hamit Bisane
    CS 253 Web Security is an excellent course for anyone interested in learning about the security vulnerabilities of the web and how to build secure web applications. The instructor, Feross Aboukhadijeh, is knowledgeable and engaging, and the course c…
  • Although some videos are very time consuming and they have long duration, I was able to learn lots of new information and data that are new to me and first time to encounter. I hope that this course will also help others in the future.
  • Wow Meticulous in keeping the workplace clean and tidy. Charlotte makes a habit of keeping own area clean and hazard-free and also assists and encourages others to do the same. Reacts quickly and decisively in an emergency, keeping a cool head and effectively leading others. Applies professional experience and/or knowledge of people expertly to forecast outcomes with at least 90% accuracy. Others trust his judgement because the choices have usually been good. Late on fewer than 3 occasions in 6 months.
  • Profile image for Sopiko Lekveishvili
    Sopiko Lekveishvili
    The web security course offers a comprehensive overview of essential topics in safeguarding online applications. It covers critical areas such as threat modeling, secure coding practices, and vulnerability assessments. The course material is well-st…
  • Yash Srivastava
    The "Web Security - Lecture 20: Browser Architecture, Writing Secure Code" course on Class Central provides an insightful overview of the underlying architecture of web browsers and how to write secure code. It emphasizes key concepts like browser security models, common vulnerabilities, and best practices for secure development. The course is well-structured, with clear explanations and practical examples, making complex topics accessible to developers at various levels. It highlights the importance of securing web applications from common threats such as cross-site scripting and SQL injection. Overall, it's an excellent resource for anyone looking to enhance their understanding of web security.
  • Profile image for Sakshi Jagtap
    Sakshi Jagtap
    The Web Security course from Stanford University on YouTube is an outstanding resource for anyone interested in understanding the fundamentals of online security. The instructors present complex concepts in an engaging and accessible manner, making it easy for learners of all levels to grasp critical topics like encryption, authentication, and secure coding practices. The course includes practical examples and real-world scenarios that deepen comprehension and application. Overall, this course is an invaluable tool for aspiring cybersecurity professionals and anyone looking to enhance their knowledge of web security. Highly recommended!
  • I'm writing this review for the students who are new to Cyber Security. This course is beginner to a very good level. You will understand the basic concepts the words which are very common in cyber security. Must watch.
  • Amazing it is one of the most comprehensive courses I've ever found. Really good for beginners who just starting out on the web, but note that you really need to explore more about the web cause there is much more to come.
  • Profile image for Pawan
    Pawan
    The Web Security course from Stanford University via YouTube is an excellent introduction to understanding web vulnerabilities and secure coding practices. The instructors present complex concepts like cross-site scripting (XSS), SQL injection, and CSRF in a clear and engaging manner. The use of real-world examples makes the content easy to follow, even for beginners. It also highlights how crucial web security is in today's digital landscape. Whether you're a cybersecurity enthusiast or a developer aiming to build more secure applications, this course provides valuable insights. Highly recommended!
  • Shikin S
    After watching the video, I found it informative and engaging. The content was well-structured, making it easy to follow and understand. The visuals were clear and complemented the narration effectively. The pacing was just right, keeping me interested throughout without feeling rushed. The speaker was knowledgeable and communicated the key points concisely. However, there were moments where more in-depth explanations could have added value. Overall, it was a valuable watch that provided useful insights and practical information. I'd recommend it to anyone interested in the topic.
  • Profile image for Ipshika Bhattarai
    Ipshika Bhattarai
    The course provided a comprehensive overview of web security, covering everything from the basics to more advanced concepts. The modules were well-structured, and the content was presented in a clear and logical manner. I especially appreciated the [specific feature, e.g., "detailed case studies" or "hands-on exercises"] that helped to solidify the theoretical knowledge.
  • Profile image for Mohammed Ufraan
    Mohammed Ufraan
    The "Web Security" course from Stanford University on YouTube is an excellent resource for anyone looking to deepen their understanding of web security. The course covers essential topics such as encryption, authentication, and common vulnerabilities with clarity and depth. The instructors provide insightful explanations and real-world examples that enhance learning.

  • Profile image for Urvi Joshi
    Urvi Joshi
    The Web Security course offered by Stanford University on YouTube is an excellent resource for anyone looking to build a strong foundation in cybersecurity. As someone interested in understanding how to secure web applications and websites, I found this course to be both comprehensive and insightful.
  • Profile image for Rahul Jha
    Rahul Jha
    Good learning experience. Having a professional teacher which helps to understand easily and also it is free of cost which is best for student who want to study. The explanation is very good it is easy to understand. The way they taught is excellent we can easily do our assessment.
  • Mashrur Rahman
    CS 253 Web Security is an excellent course for anyone interested in learning about the security vulnerabilities of the web and how to build secure web applications. The instructor, Feross Aboukhadijeh, is knowledgeable and engaging, and the course c…
  • Profile image for Manjiri Gole
    Manjiri Gole
    Incredible course. It was easy to follow along and understand. Also simply explained the concepts of web security. Would highly recommend people apply and learn as it will help them clear core concepts easily.
  • Md Tanvir Raiyan
    This classes are awesome. They teach from the basic principles. There teaching system is good so much. I love it. Actually a long time i am searching a free course. And i get this course. It’s help me a lot.
  • Kunal Sherbahadur Singh
    Loved the content, I was looking for some random stuff to do as I was free but ended up doing this whole course , A hundred percent recommended for web security and ethical hacking
  • Profile image for Sanchez Olvera Angel Daniel
    Sanchez Olvera Angel Daniel
    This course was really useful, quite a few topics were covered and together with the demonstrations it was quite clear how security is carried out within web pages.

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.