
Web Security- Common Vulnerabilities And Their Mitigation

  • Development
  • Feb 27, 2025

Web Security: Common Vulnerabilities And Their Mitigation, available at $79.99, has an average rating of 4.39, with 112 lectures, based on 417 reviews, and has 5327 subscribers.

You will learn to understand how common web security attacks work, know how to write code which mitigates security risks, and implement secure coding practices to reduce vulnerabilities. This course is ideal for (Yep!) students who have some experience in web programming and understand basic browser concepts. It is not for (Nope!) students who are beginners and have never done any web programming.


Summary

Title: Web Security: Common Vulnerabilities And Their Mitigation

Price: $79.99

Average Rating: 4.39

Number of Lectures: 112

Number of Published Lectures: 57

Number of Curriculum Items: 112

Number of Published Curriculum Objects: 57

Original Price: $89.99

Quality Status: approved

Status: Live

What You Will Learn

  • Understand how common web security attacks work
  • Know how to write code which mitigates security risks
  • Implement secure coding practices to reduce vulnerabilities
Who Should Attend

  • Yep! Students who have some experience in web programming and understand basic browser concepts
  • Nope! Students who are beginners and have never done any web programming
Coat your website with armor, protect yourself against the most common threats and vulnerabilities. Understand, with examples, how common security attacks work and how to mitigate them. Learn secure practices to keep your website users safe.

    Let’s parse that.

  • How do common security attacks work? This course walks you through an entire range of web application security attacks: XSS, XSRF, Session Hijacking, Direct Object Reference and a whole lot more.
  • How do we mitigate them? Mitigating security risks is a web developer’s core job. Learn by example how you can prevent script injection, use secure tokens to mitigate XSRF, manage sessions and cookies, sanitize and validate input, manage credentials safely using hashing and encryption etc.
  • What secure practices to follow? See what modern browsers have to offer for protection and risk mitigation, and how you can limit the surface area you expose in your site.

What’s included in this course:

  • Security attacks such as Cross Site Scripting, Session Hijacking, Credential Management, Cross Site Request Forgery, SQL Injection, Direct Object Reference, Social Engineering
  • Risk mitigation using the Content Security Policy Header, user input validation and sanitization, secure token validation, sandboxed iframes, secure sessions and expiry, password recovery
  • Web security basics: Two factor authentication, Open Web Application Security Project

Course Curriculum

    Chapter 1: You, This Course and Us

    Lecture 1: You, This Course and Us

    Lecture 2: Source Code and PDFs

    Chapter 2: What Is Security?

    Lecture 1: Security and its building blocks

    Lecture 2: Security related definitions and categories

    Chapter 3: Cross Site Scripting

    Lecture 1: What is XSS?

    Lecture 2: Learn by example – how does a XSS attack work?

    Lecture 3: Types of XSS

    Lecture 4: XSS mitigation and prevention

    Chapter 4: User Input Sanitization And Validation

    Lecture 1: Sanitizing input

    Lecture 2: Sanitizing input – still not done

    Lecture 3: Validating input

    Lecture 4: Validating input – some more stuff to say

    Lecture 5: Client Side Encoding, Blacklisting and Whitelisting inputs

    Chapter 5: The Content Security Policy Header

    Lecture 1: Rules for the browser

    Lecture 2: Default directives and wildcards

    Lecture 3: Stay away from inline code and the eval() function

    Lecture 4: The nonce attribute and the script hash

    Chapter 6: Credentials Management

    Lecture 1: Broken authentication and session management

    Lecture 2: All about passwords – Strength, Use and Transit

    Lecture 3: All about passwords – Storage

    Lecture 4: Learn by example – login authentication

    Lecture 5: A little bit about hashing

    Lecture 6: All about passwords – Recovery

    Chapter 7: Session Management

    Lecture 1: What is a session?

    Lecture 2: Anatomy of a session attack

    Lecture 3: Session hijacking – count the ways

    Lecture 4: Learn by example – sessions without cookies

    Lecture 5: Session ids using hidden form fields and cookies

    Lecture 6: Session hijacking using session fixation

    Lecture 7: Session hijacking counter measures

    Lecture 8: Session hijacking – sidejacking, XSS and malware

    Chapter 8: SQL Injection

    Lecture 1: Who Is Bobby Tables?

    Lecture 2: Learn by example – how does SQLi work?

    Lecture 3: Anatomy of a SQLi attack – unsanitized input and server errors

    Lecture 4: Anatomy of a SQLi attack – table names and column names

    Lecture 5: Anatomy of a SQLi attack – getting valid credentials for the site

    Lecture 6: Types of SQL injection

    Lecture 7: SQLi mitigation – parameterized queries and stored procedures

    Lecture 8: SQLi mitigation – Escaping user input, least privilege, whitelist validation

    Chapter 9: Cross Site Request Forgery

    Lecture 1: What is XSRF?

    Lecture 2: Learn by example – XSRF with GET and POST parameters

    Lecture 3: XSRF mitigation – The referer, origin header and the challenge response

    Lecture 4: XSRF mitigation – The synchronizer token

    Chapter 10: Lots Of Interesting Bits Of Information

    Lecture 1: The Open Web Application Security Project

    Lecture 2: 2 factor authentications and OTPs

    Lecture 3: Social Engineering

    Chapter 11: Direct Object Reference

    Lecture 1: The direct object reference attack – do not leak implementation details

    Lecture 2: Direct object reference mitigations

    Chapter 12: IFrames

    Lecture 1: IFrames come with their own security concerns

    Lecture 2: Sandboxing iframes

    Chapter 13: One last word

    Lecture 1: Wrapping up the OWASP top 10 list

    Chapter 14: PHP and MySQL Install And Set Up

    Lecture 1: Installing PHP (Windows)

    Lecture 2: Enabling MySQL and using phpmyadmin (Windows)

    Lecture 3: Installing PHP (Mac)

    Lecture 4: Installing MySQL (Mac)

    Lecture 5: Using MySQL Workbench (Mac)

    Lecture 6: Getting PHP and MySQL to talk to each other (Mac)

    Instructors

  • Loony Corn
    An ex-Google, Stanford and Flipkart team

Rating Distribution

  • 1 stars: 6 votes
  • 2 stars: 8 votes
  • 3 stars: 68 votes
  • 4 stars: 149 votes
  • 5 stars: 186 votes

Frequently Asked Questions

    How long do I have access to the course materials?

    You can view and review the lecture materials indefinitely, like an on-demand channel.

    Can I take my courses with me wherever I go?

    Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don’t have an internet connection, some instructors also let their students download course lectures. That’s up to the instructor though, so make sure you get on their good side!