What you'll learn
- Some of the best protection strategies that help avoid each OWASP Top 10 risk from materializing
- The main challenges that cause each OWASP Top 10 risk
- Examples of good and bad code for each OWASP Top 10 risk using pseudocode
- Definition of each of the OWASP Top 10 risk
- What are the key information security concepts required to understand each OWASP Top 10 risk
- What are the OWASP Top 10 risks and how this list gets periodically updated
- What is the OWASP Foundation and how you can be part of this open-source community
Requirements
- No programming experience needed you will learn everything you need to know
- Curiosity on web application security risks
Description
Welcome to this beginner course on the OWASP Top 10, as it was last updated in 2021 almost beginning of 2022. This course has no technical prerequisites, it is truly meant for everyone. Whether you are a risk manager, an auditor, a cybersecurity professional, or maybe you are a software developer or simply curious on application security and looking for an introduction to the OWASP Top 10: This course is for you!
In this course you will learn a little bit about the OWASP Foundation and how you can be part of this opensource community. We are going to learn what are the OWASP Top 10 risks of 2021 and how this list of risks gets periodically updated.
For each of the OWASP Top 10 risks, we are going to look at the key information security concepts, so that you better understand the definition of each risk. Then we are going to – together – define each risk – and we are going to do this in layman’s terms, so that you really understand each risk.
We are also going to look at the main challenges that developers and others face that cause each risk. Finally, we are going to give examples of good and bad code using pseudocode and we are going to conclude with some of the best protection practices to help you and your team avoid each risk from materializing.
Who this course is for:
- This course has no technical prerequisites, it is truly meant for everyone
- Beginner web application and API developers
- Risk managers and auditor looking to understand the OWASP Top 10 risks
- Cybersecurity professionals looking for an introduction to the OWASP Top 10
Instructor
Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for 10Security, Aiya, MergeBase, Nucleus Security, KSOC, and Inspectiv. Jim is a frequent speaker on secure software practices, is a member of the Java Champion community, and is the author of "Iron-Clad Java: Building Secure Web Applications" from Oracle Press. Jim also volunteers for the OWASP foundation as the project lead for the OWASP Application Security Verification Standard and the OWASP Cheatsheet Series.