CASP (Part 6 of 9): Application Security
Interactive

Biz Library
Updated Jan 21, 2020

Take a look at application security and put your development skills under a microscope. Specifically, explore the things that might go wrong in application development, such as cross-site scripting, SQL injection attacks, and buffer overflows. But don’t worry, it won’t be all doom and gloom in this course: delve into some security frameworks and controls that can be put in place to better protect your applications from being compromised.

Lesson 1:

  • Application Security
  • Terms
  • Vulnerabilities
  • XSS - Cross Site Scripting
  • XSS
  • XSS - What Can Happen?
  • XSS - How?
  • Defending Against XSS

Lesson 2:

  • SQL Injection
  • What Can Happen?
  • What to Look For
  • Defending SQL Injections
  • Buffer Overflows

Lesson 3:

  • Session IDs
  • How to Get Session IDs
  • Stop Taking My ID

Lesson 4:

  • Controls for Application Security
  • Secure Coding Practices
  • What Kind of Practices?
  • WAF
  • What Can a WAF Do
  • Where a WAF Goes
  • Code Reviews

Lesson 5:

  • Security Frameworks
  • Standard Libraries
  • OWASP
  • ISO/IEC 27000
  • WASC
  • WS-Security