Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Subscribe
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Crack the Code: Mastering the OWASP Top 10 version 2021-2026
Highest Rated
Rating: 4.6 out of 5(5,388 ratings)
10,925 students

Crack the Code: Mastering the OWASP Top 10 version 2021-2026

From Theory to Practice: Real-World Tactics for Securing Modern Web Applications
Highest Rated
Created byJim Manico
Last updated 2/2026
English

What you'll learn

  • Some of the best protection strategies that help avoid each OWASP Top 10 risk from materializing
  • The main challenges that cause each OWASP Top 10 risk
  • Examples of good and bad code for each OWASP Top 10 risk using pseudocode
  • Definition of each of the OWASP Top 10 risk
  • What are the key information security concepts required to understand each OWASP Top 10 risk
  • What are the OWASP Top 10 risks and how this list gets periodically updated
  • What is the OWASP Foundation and how you can be part of this open-source community

Course content

1 section12 lectures1h 42m total length

  • Introduction8:00

    After completing this lecture, students will be able to know what is the OWASP Foundation and how they can be part of this open-source community. They will have a good understanding of the OWASP Top 10 and how it was last updated in the end of 2021, almost beginning of 2022. Finally, students will know the learning approach we are going to take for each risk of the OWASP Top 10.

  • Making of the OWASP Top 10 – 2021
  • Risk A1: Broken Access Control6:26

    After completing this lecture, students will have a good understanding of the first risk of the OWASP Top 10, namely A1: Broken Access Control.

  • Access Control Practice Test
  • Risk A2: Cryptographic Failures7:13

    After completing this lecture, students will have a good understanding of the secod risk of the OWASP Top 10, namely A2: Cryptographic Failures.

  • Advanced Encryption Standard (AES) Security
  • Risk A3: Injection7:11

    After completing this lecture, students will have a good understanding of the third risk of the OWASP Top 10, namely A3: Injection.

  • Many Forms of Injection
  • Risk A4: Insecure Design9:01

    After completing this lecture, students will have a good understanding of the fourth risk of the OWASP Top 10, namely A4: Insecure Design.

  • Insecure Design Practice Test
  • Risk A5: Security Misconfiguration8:08

    After completing this lecture, students will have a good understanding of the fifth risk of the OWASP Top 10, namely A5: Security Misconfiguration.

  • Misconfiguration in Application Security
  • Risk A6: Vulnerable and Outdated Components8:14

    After completing this lecture, students will have a good understandig of the sixth risk of the OWASP Top 10, namely A6: Vulnerable and Outdated Components.

  • Vulnerable & Outdated Components Quiz
  • Risk A7: Authentication and Identification Failures8:58

    After completing this lecture, students will have a good understanding of the seventh risk of the OWASP Top 10, namely A7: Authentication and Identification Failures.

  • Authentication and Identification Security Quiz
  • Risk A8: Software and Integrity Failures9:06

    After completing this lecture, students will have a good understanding of the eighth risk of the OWASP Top 10, namely A8: Software and Integrity Failures.

  • Integrity Failures in Application Security
  • Risk A9: Security Logging and Monitoring Failures10:06

    After completing this lecture, students will have a good understanding of the penultimate risk of the OWASP Top 10, namely A9: Security Logging and Monitoring Failures.

  • Security Logging in Application Security
  • Risk A10: Server-Side Request Forgery8:16

    After completing this lecture, students will have a good understanding of the final risk of the OWASP Top 10, namely A10: Server-Side Request Forgery.

  • Server-Side Request Forgery Quiz
  • Summary: What We Learned11:28

    After completing this lecture, students will have done a recap of the information security concepts, definitions, examples, and best protection strategies for each of the OWASP Top 10 risks. Included as a resource with this lecture is handout of further reading materials.

Requirements

  • No programming experience needed you will learn everything you need to know
  • Curiosity on web application security risks

Description

COMING SOON! Update on the New 2026 OWASP Top Ten!

Welcome to this beginner course on the OWASP Top 10, as it was last updated in 2021 almost beginning of 2022. This course has no technical prerequisites, it is truly meant for everyone. Whether you are a risk manager, an auditor, a cybersecurity professional, or maybe you are a software developer or simply curious on application security and looking for an introduction to the OWASP Top 10: This course is for you!

In this course you will learn a little bit about the OWASP Foundation and how you can be part of this opensource community. We are going to learn what are the OWASP Top 10 risks of 2021 and how this list of risks gets periodically updated.

For each of the OWASP Top 10 risks, we are going to look at the key information security concepts, so that you better understand the definition of each risk. Then we are going to – together – define each risk – and we are going to do this in layman’s terms, so that you really understand each risk.

We are also going to look at the main challenges that developers and others face that cause each risk. Finally, we are going to give examples of good and bad code using pseudocode and we are going to conclude with some of the best protection practices to help you and your team avoid each risk from materializing.

Who this course is for:

  • This course has no technical prerequisites, it is truly meant for everyone
  • Beginner web application and API developers
  • Risk managers and auditor looking to understand the OWASP Top 10 risks
  • Cybersecurity professionals looking for an introduction to the OWASP Top 10

Report abuse