Secure Coding: Preventing Broken Access Control
Learn how to protect your code from access control issues. You will gain an understanding of how an attacker might find and attack those vulnerabilities before building defenses into your code.
Broken access controls can expose information and functionality in your service to unauthorized users and are currently one of the top vulnerabilities found in software. You need to understand those vulnerabilities in order to defend against potential attackers. In this course, Secure Coding: Preventing Broken Access Control, you will gain the ability to protect your code from access control vulnerabilities. First, you will learn to understand vulnerabilities and potential attacks against them. Next, you will discover some of the key principles associated with defensive code. Finally, you will explore how to write clean, readable, defensive code. When you are finished with this course, you will have the skills and knowledge needed to protect your code from access control vulnerabilities.
Author Name: Gavin Johnson-Lynn
Author Description:
Gavin has 20 years’ experience writing software in regulated environments and for global organisations. The last five years of his development career were spent with a focus on security, becoming the security lead for a significant payments project at a FTSE 100 company. He has experience with languages from COBOL to .NET and many languages in between. Gavin’s experience of secure development revealed a passion for security, leading him to become a speaker and blogger on the subject. He has held…
Table of Contents
- Course Overview (1min)
- Defining Access Controls (17mins)
- Forced Browsing to Find Hidden Functionality (20mins)
- Traversing Directories for Unauthorized File Access (15mins)
- Manipulating Parameters to Alter Results (26mins)
- Finding Insecure Direct Object References (IDOR) (15mins)
- Guiding Principles for Access Controls (18mins)