English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 0h 27m | 201 MB
The Open Web Application Security Project (OWASP) was formed to provide the public with the resources needed to understand and enhance software security. The OWASP Top 10 list describes the ten biggest vulnerabilities. In this course, Caroline Wong takes a deep dive into the third and fourth categories of security vulnerabilities in the OWASP Top 10—sensitive data exposure and XML external entities (XXE). Caroline covers how sensitive data exposure and XXE attacks work, providing real-world examples that demonstrate how they affect companies and consumers alike. She also shares techniques that can help you prevent these types of attacks.
Table of Contents
Introduction
1 Prevent common software vulnerabilities
Sensitive Data Exposure: How Does It Work?
2 General concept
Impact of Sensitive Data Exposure
3 Example scenario 1
4 Example scenario 2
Preventing Sensitive Data Exposure
5 Laws and regulations
6 Reducing scope
7 Encryption (TLS and HSTS)
XXE: How Does It Work?
8 General concept
Impact of XXE
9 Example scenario 1
10 Example scenario 2
Preventing XXE
11 Disable XXE processing
12 Whitelisting and validating input
13 Upgrade all XML processors and libraries
Conclusion
14 Next steps