Monday
Room 19
09:00 - 17:00
(UTC+02)
2 Days
The OWASP Top Ten 2022 Release
The OWASP Top 10 is a standard awareness document for web developers and web application security professionals. It represents a broad consensus about the most critical security risks to web applications. As software developers author code that makes up a web application, they need to embrace and practice various secure coding techniques. This training provides defensive instruction in relation to the OWASP Top Ten to aid developers in authoring secure software.
The class is a combination of lecture, security testing demonstration, code review and hands-on secure coding labs. Students will learn the most common threats against API's and web application and microservices. More importantly, students will learn how to design and code secure API, web and microservices solutions via defense-based code samples, architectural review and more.
As part of this course, we will explore the use of third-party security libraries and frameworks to speed and standardize secure development. We will highlight production quality and scalable controls from various languages and frameworks. This course will include secure coding information for Java, PHP, Python, Javascript and .NET programmers, but any software developer building microservices will benefit.
A01:2021-Broken Access Control
A02:2021-Cryptographic Failure
A03:2021-Injection
A04:2021-Insecure Design
A05:2021-Security Misconfiguration
A06:2021-Vulnerable and Outdated Components
A07:2021-Identification and Authentication Failures
A08:2021-Software and Data Integrity Failures
A09:2021-Security Logging and Monitoring Failure
A10:2021-Server-Side Request Forgery