TST 211: How to Test for the OWASP Top 10
Knowing how to test for these critical vulnerabilities and keep them out of your applications is as important as understanding which flaws make the OWASP Top Ten list every three years. Reducing your exposure to the OWASP Top Ten helps safeguard against compromise. Additionally, testing for these flaws is required by the Payment Card Industry Standards (PCI-DSS) and by other regulatory bodies. This course explains how these flaws occur and provides testing strategies for identifying them in web applications.
Upon completion of this class, participants will be able to test for the most common threats that web application developers face, including:
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Missing Function Level Access Control
- Cross-Site Request Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Unvalidated Redirects and Forwards
This course can be customized for Instructor-Led training. Course contents and duration may vary. Contact us for details.