In this course, Secure Ideas will walk attendees through the various items in the latest OWASP Top 10 and corresponding controls.

Since 2003, OWASP has released the Top 10 Most Critical Web Application Security Risks list. It has been the basis of much development and consternation, but do you really understand what each of these issues and their corresponding controls mean? As a developer, do you know how to prevent these issues? As a security professional, do you truly know what they are and how to evaluate their effectiveness?

Students will leverage modern applications to explore how the vulnerabilities work and how to find them in their own applications. Check out our other Secure Ideas courses here.

Introduction

What is the Top 10?
- Update Process
- Past Versions
- Why It Matters

OWASP Top 10

A01:2021 – Broken Access Control
A02:2021 – Cryptographic Failures
A03:2021 – Injection
A04:2021 – Insecure Design
A05:2021 – Security Misconfiguration
A06:2021 – Vulnerable and Outdated Components
A07:2021 – Identification and Authentication Failures
A08:2021 – Software and Data Integrity Failures
A09:2021 – Security Logging and Monitoring Failures
A10:2021 – Server-Side Request Forgery (SSRF)
Summary of Proactive Controls

Who Should Take This Course

Any developers and or security professionals with responsibilities related to application security, including both offensive and defensive roles

There are no scheduled live dates for this course at this time.

On Demand Training

Train at your own pace with no set course schedule
Access to all course resources, including slides and VMs
Subject Matter Expert support through Discord
Tips, tools, and techniques that can be applied immediately upon returning to work
Strengthen your skills by solving challenges within the Antisyphon Cyber Range
Become part of a community driven to educate and share knowledge