API Security with the OWASP API Security Top 10
This course will teach you about unique vulnerabilities faced by web-based APIs and the defenses you’ll need to protect them.
APIs are becoming increasingly common. They’re used in everything from web applications to smart devices. The more popular they become, the more attention they attract from hackers. If you’re creating an API then you need to know how to keep it secure. In this course, API Security with the OWASP API Security Top 10, you’ll learn to identify and defend against the most common API security vulnerabilities. First, you’ll explore individual vulnerabilities and the potential problems they can cause. Next, you’ll discover how attackers find and exploit those vulnerabilities. Finally, you’ll learn how to add defenses for each vulnerability. When you’re finished with this course, you’ll have the skills and knowledge of the top 10 API vulnerabilities needed, to create a secure, resilient API.
Author Name: Gavin Johnson-Lynn
Author Description:
Gavin has 20 years’ experience writing software in regulated environments and for global organisations. The last five years of his development career were spent with a focus on security, becoming the security lead for a significant payments project at a FTSE 100 company. He has experience with languages from COBOL to .Net and many languages in between. Gavin’s experience of secure development revealed a passion for security, leading him to become a speaker and blogger on the subject. He has held… more
Table of Contents
- Course Overview
1min - Understanding the OWASP API Security Top 10
10mins - Broken Object Level Authorization
10mins - Broken Authentication
16mins - Broken Object Property Level Authorization
7mins - Unrestricted Resource Consumption
7mins - Broken Function Level Authorization
9mins - Unrestricted Access to Sensitive Business Flows
10mins - Server-side Request Forgery
9mins - Security Misconfiguration
16mins - Improper Inventory Management
11mins - Unsafe Consumption of APIs
10mins
There are no reviews yet.