Course description
In this course, you will learn about the OWASP Top 10 Proactive Controls document and the many guidelines it provides to help developers write better and more secure code. In particular, I provide an overview of the Proactive Controls and then I cover the first five security controls. These security controls include testing for security early and often, learning about parameterizing SQL queries, encoding data input that may be parsed as executable code, validating data input, and finally you will learn about identity and authentication techniques to make sure you know who is using your web applications. Join me in this course as we explore the OWASP Top 10 Proactive Controls.
Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.
Prerequisites
The assumption is the student is familiar with web and/or mobile development plus basic application security principles. Also, it is highly recommended the student be familiar with the OWASP Top 10 project. There are several other courses provided by LearnNowOnline which can prepare the student with knowledge of the OWASP Top 10 before taking this course. This course is about the OWASP Top 10 Proactive Controls, which is a supplement to the OWASP Top 10 for developers
Meet the expert
Robert Hurlbut is a software security architect and trainer. He is a Microsoft MVP for Developer Security / Visual Studio and Development Technologies and he holds the (ISC)2 CSSLP security certification. Robert has 30 years of industry experience in secure coding, software architecture, and software development and has served as a project manager, director of software development, chief software architect, and application security champion for several companies. He speaks at user groups, national and international conferences, and provides training for many clients.
Video Runtime
116 Minutes
Time to complete
194 Minutes
Course Outline
Overview (14:51)
Verify Security (15:13)
Paramterize Queries (31:29)
Encode Data (18:26)
Validate Inputs (14:45)
Identity and Authentication Controls (21:38)