Owasp Api Security Top 10 2021 With Java Examples
Last updated 10/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 3.03 GB | Duration: 7h 23m
Learn OWASP Top 10 2021 & OWASP Top 10 2017, Understand the most critical Security Vulnerabilities in Web Applications
What you'll learn
OWASP Top 10 2021
OWASP Top 10 2017
OWASP API Security Guidelines
Practical tips and trics
Real-life examples of vulnerabilities and prevention of vulnerabilities
Secure Coding Practices with Java Examples
How to produce secure code for Web Application
Security Guidelines and Standards
The most common security threats and vulnerabilities
Threat modelling
How to build efficient process in your team to create Secure Design
Requirements
Basic understanding of how Web works
Knowledge of one of the programming languages for web development
Description
From this course, you can learn OWASP Top 10 Web API Security.There are a lot of other courses on this topic. So, why would you choose exactly this course? Here are just a few reasons:- Coding examplesTo learn to program is not enough just watching videos and reading books. You also need to have a lot of practice. In this training course, you will review multiple practical tasks and coding examples which will help you learn and understand Java better.- Open source codeWe hide nothing from our students! Including the source code for the home task solutions and source code of examples that were shared during the lesson. Having the source code you can just copy and paste it to run it on your local computer to understand how things work better.You are allowed to use all source code examples for learning purposes. This helps significantly to configure the environment and make tests work, especially in case students didn't work with any testing framework in the past.- Q&A support The significant difference between the online and offline learning process is the instructor's availability. If you are in one room with a tutor he always can help you to get understand the specific concept or to help fix your code on your computer. In this course, we are supporting students with answers to any questions flagged in the Q&A section. In case there will be recurring questions - separate video lessons will be created to show how to address the issue. So with this course you are not just getting video materials, code exercises, source code, access to the free mobile application without limits (which is still pretty cool, huh? ), but you also get tutor support and answers to your questions along with this course. - Relevant knowledgeAfter our team investigated other Java courses on Udemy we realized that most of them have nothing in common with real life. The information which is shared there is very old and significantly out of date. For example, the instructor teaches a framework which is not been used already for 15 years. Or instructors do stress on the programming design which is not used anymore at all!The instructor of this course is a consultant in a top-rated IT outsourcing company and helps to bring cutting-edge solutions in IT for all his clients. Feel free to check the LinkedIn page of the instructor and check skills endorsement. More than 19 thousand people across all over the world (BTW most of them are from the top 100 companies of the world) evaluated the skills of Andrii Piatakha. With this course, you can be sure that you will spend your time learning the right things from one of the best IT consultants in the world. - Free mobile App without limits for our studentsKnowing Java is one skill. Be able to pass interviews in the company - that is another skill Nowadays a lot of companies use tests to select candidates on the first level of interview. We developed applications to practice skills specifically for such purposes. In this course, we will provide you link to download our FREE mobile app for android. (soon it will be also available for iOS platforms) The instructor of this course comes up with hundreds of tests that are used to test the knowledge of candidates. With this application, you will be well-prepared for the interview. Also, only for our students - there is no limit on attempts to pass certification. In the course, we will tell you how to set up a special bonus code that will remove restrictions for our students inside the app.- High concentration of useful material in each lessonSometimes you can notice that watching 5 minutes of our lesson is equivalent to watching another 30 minutes lesson. This is because time spent for preparation for the lesson (script for the lesson, lesson structure) and video editing (to cut boring pieces of the lesson or time when the program loads) sometimes 10 times as much (sometimes even 20) as the final lesson duration after video editing.Also, each topic is separated from another. In case some concept will be explained in the next lesson and you don't need to worry about understanding this in the scope of this lesson - the instructor will make an announcement when a specific topic will be covered. Go and try it yourself! We will appreciate your feedback.So don't wait! Take a look at the lessons' preview if you still have doubts! Buy this course today, and you will get all updates for FREE! For those who successfully passed this training course, or for students who were recognized for asking amazing questions, there is a special offer from the IT-Bulls company! The creator of this course is IT-Bulls company CEO and Founder. We are always in search of talents to run our amazing startups together with you. Probably you always dreamed about running your startup? In this course, you will be able to find the team who will teach you how to do that and (in particular cases) will be glad to help with implementation! Hope you enjoy this course! And remember, we appreciate all your feedback! Your feedback will help us to become even better! Your feedback will help us to create to best Java course ever! See you at the lessons!
Overview
Section 1: Introduction
Lecture 1 Communication plan
Lecture 2 Unlimited access to 'Learn IT' application for students
Lecture 3 Tips to Improve Your Course Taking Experience
Section 2: OWASP Top 10
Lecture 4 OWASP Top 10: Overview
Section 3: A01:2021-Broken Access Control
Lecture 5 Broken Access Control
Section 4: A02:2021-Cryptographic Failures
Lecture 6 Cryptography Failures (Theory, Sensitive Data, Data Breach, Types of Failures)
Lecture 7 Cryptography Failures (Practical Examples, SQL Injections, TLS/SSL, HTTPS)
Lecture 8 Cryptography Failures (Examples, Password Encryption, Hashing, Salting)
Section 5: A03:2021-Injection
Lecture 9 Injection (Overview, Fuzzing, CWEs, Impact, Injection Types, Command Injection)
Lecture 10 Injection (Cross Site Scripting, Types of XSS, SQL, JPA, NoSQL Injections)
Lecture 11 Injection (XPath Injection, Log Injection, Input Validation)
Section 6: A04:2021-Insecure Design
Lecture 12 Insecure Design (Overivew, CWEs, Shift Left Security, Threat Modeling Manifesto)
Lecture 13 Insecure Design (Secure Design Process, Security Controls, Metrics, Examples)
Section 7: A05:2021-Security Misconfiguration
Lecture 14 Security Misconfiguration (Overview, CWEs, Types, Real-life attacks)
Lecture 15 Security Misconfiguration (Hardening, Zero Trust, Defense in Depth, Practice)
Section 8: A06:2021-Vulnerable and Outdated Components
Lecture 16 Vulnerable & Outdated Components
Section 9: A07:2021-Identification and Authentication Failures
Lecture 17 Identification & Authentication Failures
Section 10: A08:2021-Software and Data Integrity Failures
Lecture 18 Software & Data Integrity Failures
Section 11: A09:2021-Security Logging and Monitoring Failures
Lecture 19 Security Logging & Monitoring Failures
Lecture 20 Logging in Java: Part 1 (Logging theory, Logging Levels, Java Logging Framework)
Lecture 21 Logging in Java: Part 2 (Log4J, Logback, SLF4J)
Section 12: A10:2021-Server-Side Request Forgery
Lecture 22 Server-Side Request Forgery (SSRF)
Section 13: ===== EXAM TASK: OWASP Top 10, Secure Coding & Logging =====
Lecture 23 Exam Task: Description and Solution (with reference to the source code)
Section 14: Bonus Section
Lecture 24 Bonus Lesson
Web Developers,Software Architects,Software Engineers,Quality Assurance Engineers,Project & Delivery Managers
What you'll learn
OWASP Top 10 2021
OWASP Top 10 2017
OWASP API Security Guidelines
Practical tips and trics
Real-life examples of vulnerabilities and prevention of vulnerabilities
Secure Coding Practices with Java Examples
How to produce secure code for Web Application
Security Guidelines and Standards
The most common security threats and vulnerabilities
Threat modelling
How to build efficient process in your team to create Secure Design
Requirements
Basic understanding of how Web works
Knowledge of one of the programming languages for web development
Description
From this course, you can learn OWASP Top 10 Web API Security.There are a lot of other courses on this topic. So, why would you choose exactly this course? Here are just a few reasons:- Coding examplesTo learn to program is not enough just watching videos and reading books. You also need to have a lot of practice. In this training course, you will review multiple practical tasks and coding examples which will help you learn and understand Java better.- Open source codeWe hide nothing from our students! Including the source code for the home task solutions and source code of examples that were shared during the lesson. Having the source code you can just copy and paste it to run it on your local computer to understand how things work better.You are allowed to use all source code examples for learning purposes. This helps significantly to configure the environment and make tests work, especially in case students didn't work with any testing framework in the past.- Q&A support The significant difference between the online and offline learning process is the instructor's availability. If you are in one room with a tutor he always can help you to get understand the specific concept or to help fix your code on your computer. In this course, we are supporting students with answers to any questions flagged in the Q&A section. In case there will be recurring questions - separate video lessons will be created to show how to address the issue. So with this course you are not just getting video materials, code exercises, source code, access to the free mobile application without limits (which is still pretty cool, huh? ), but you also get tutor support and answers to your questions along with this course. - Relevant knowledgeAfter our team investigated other Java courses on Udemy we realized that most of them have nothing in common with real life. The information which is shared there is very old and significantly out of date. For example, the instructor teaches a framework which is not been used already for 15 years. Or instructors do stress on the programming design which is not used anymore at all!The instructor of this course is a consultant in a top-rated IT outsourcing company and helps to bring cutting-edge solutions in IT for all his clients. Feel free to check the LinkedIn page of the instructor and check skills endorsement. More than 19 thousand people across all over the world (BTW most of them are from the top 100 companies of the world) evaluated the skills of Andrii Piatakha. With this course, you can be sure that you will spend your time learning the right things from one of the best IT consultants in the world. - Free mobile App without limits for our studentsKnowing Java is one skill. Be able to pass interviews in the company - that is another skill Nowadays a lot of companies use tests to select candidates on the first level of interview. We developed applications to practice skills specifically for such purposes. In this course, we will provide you link to download our FREE mobile app for android. (soon it will be also available for iOS platforms) The instructor of this course comes up with hundreds of tests that are used to test the knowledge of candidates. With this application, you will be well-prepared for the interview. Also, only for our students - there is no limit on attempts to pass certification. In the course, we will tell you how to set up a special bonus code that will remove restrictions for our students inside the app.- High concentration of useful material in each lessonSometimes you can notice that watching 5 minutes of our lesson is equivalent to watching another 30 minutes lesson. This is because time spent for preparation for the lesson (script for the lesson, lesson structure) and video editing (to cut boring pieces of the lesson or time when the program loads) sometimes 10 times as much (sometimes even 20) as the final lesson duration after video editing.Also, each topic is separated from another. In case some concept will be explained in the next lesson and you don't need to worry about understanding this in the scope of this lesson - the instructor will make an announcement when a specific topic will be covered. Go and try it yourself! We will appreciate your feedback.So don't wait! Take a look at the lessons' preview if you still have doubts! Buy this course today, and you will get all updates for FREE! For those who successfully passed this training course, or for students who were recognized for asking amazing questions, there is a special offer from the IT-Bulls company! The creator of this course is IT-Bulls company CEO and Founder. We are always in search of talents to run our amazing startups together with you. Probably you always dreamed about running your startup? In this course, you will be able to find the team who will teach you how to do that and (in particular cases) will be glad to help with implementation! Hope you enjoy this course! And remember, we appreciate all your feedback! Your feedback will help us to become even better! Your feedback will help us to create to best Java course ever! See you at the lessons!
Overview
Section 1: Introduction
Lecture 1 Communication plan
Lecture 2 Unlimited access to 'Learn IT' application for students
Lecture 3 Tips to Improve Your Course Taking Experience
Section 2: OWASP Top 10
Lecture 4 OWASP Top 10: Overview
Section 3: A01:2021-Broken Access Control
Lecture 5 Broken Access Control
Section 4: A02:2021-Cryptographic Failures
Lecture 6 Cryptography Failures (Theory, Sensitive Data, Data Breach, Types of Failures)
Lecture 7 Cryptography Failures (Practical Examples, SQL Injections, TLS/SSL, HTTPS)
Lecture 8 Cryptography Failures (Examples, Password Encryption, Hashing, Salting)
Section 5: A03:2021-Injection
Lecture 9 Injection (Overview, Fuzzing, CWEs, Impact, Injection Types, Command Injection)
Lecture 10 Injection (Cross Site Scripting, Types of XSS, SQL, JPA, NoSQL Injections)
Lecture 11 Injection (XPath Injection, Log Injection, Input Validation)
Section 6: A04:2021-Insecure Design
Lecture 12 Insecure Design (Overivew, CWEs, Shift Left Security, Threat Modeling Manifesto)
Lecture 13 Insecure Design (Secure Design Process, Security Controls, Metrics, Examples)
Section 7: A05:2021-Security Misconfiguration
Lecture 14 Security Misconfiguration (Overview, CWEs, Types, Real-life attacks)
Lecture 15 Security Misconfiguration (Hardening, Zero Trust, Defense in Depth, Practice)
Section 8: A06:2021-Vulnerable and Outdated Components
Lecture 16 Vulnerable & Outdated Components
Section 9: A07:2021-Identification and Authentication Failures
Lecture 17 Identification & Authentication Failures
Section 10: A08:2021-Software and Data Integrity Failures
Lecture 18 Software & Data Integrity Failures
Section 11: A09:2021-Security Logging and Monitoring Failures
Lecture 19 Security Logging & Monitoring Failures
Lecture 20 Logging in Java: Part 1 (Logging theory, Logging Levels, Java Logging Framework)
Lecture 21 Logging in Java: Part 2 (Log4J, Logback, SLF4J)
Section 12: A10:2021-Server-Side Request Forgery
Lecture 22 Server-Side Request Forgery (SSRF)
Section 13: ===== EXAM TASK: OWASP Top 10, Secure Coding & Logging =====
Lecture 23 Exam Task: Description and Solution (with reference to the source code)
Section 14: Bonus Section
Lecture 24 Bonus Lesson
Web Developers,Software Architects,Software Engineers,Quality Assurance Engineers,Project & Delivery Managers
Code:
Bitte
Anmelden
oder
Registrieren
um Code Inhalt zu sehen!
Code:
Bitte
Anmelden
oder
Registrieren
um Code Inhalt zu sehen!
Code:
Bitte
Anmelden
oder
Registrieren
um Code Inhalt zu sehen!