SDT 313 - Testing for (CSRF) Cross Site Request Forgery (UPDATED)
Cross-Site Request Forgery (CSRF) occurs when a web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-352 by the 2020 CWE Top 25.
- Recognizing the impact of this vulnerability
- Techniques for finding CSRF issues through code review
- Application of secure coding best practices to prevent these attacks
- Testing to detect this security weakness