Overview
Syllabus
Intro
WARNING
Security Architecture and Design
Security Requirements (SDLC) Functional requirements
OWASP Java Encoder Project orgindex.php OWASP Java Encoder Project
Password Defenses
Leverage Keyed Functions
Multi Factor Authentication
Forgot Password Secure Design
Access Control Anti-Patterns
Most Coders Hard-Code Roles in Code
Solving Real World Access Control Problems with the Apache Shiro
Content Security Policy
Anatomy of a SQL Injection Attack
Query Parameterization (PHP PDO)
Query Parameterization (PERL DBI)
Anatomy of a XSS Attack
Contextual Output Encoding (XSS Defense)
Other Encoding Libraries
Solving Real World Problems with the OWASP HTML Sanitizer Project
Encryption in Transit (HTTPS/TLS)
Fixing the TLS and the Certificate Authority System
Solving Real World Crypto Storage Problems With Google KeyCzar
App Layer Intrusion Detection
OWASP AppSensor (Java)
Taught by
OWASP Foundation