SDT 312 - Testing for (Path Traversal) Improper Limitation of a Pathname to a Restricted Directory (UPDATED)

Course Details

Course Number: SDT 312

Course Duration: 15 minutes

Course CPE Credits: .25

NICE Specialty Areas

Software Development (DEV)

Related Learning Paths

Embedded Test Engineer
Q/A Test Engineer

Related Subject Matter

CWE
NICE
Software Development Testing

Foreign Languages Available:

English

Course Overview

Many file operations are intended to take placed within a restricted directory, however, the software does not properly neutralize special elements within a pathname which results in various security consequences. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-22 by the 2020 CWE Top 25.

Topics include:

Recognizing the impact of this vulnerability
Techniques for finding path traversal issues through code review
Application of secure coding best practices to prevent these attacks
Testing to detect this security weakness

Ready to Demo this course? Questions? Contact Us!