Secure Coding: Preventing Insecure Deserialization
|
This course will teach you the basics of serialization and deserialization, including serialization file formats, what insecure deserialization is, and how to prevent that type of vulnerability from occurring in your code.
As a developer, it is important to be familiar with common vulnerabilities that are often encountered in web application. Insecure deserialization is one of those vulnerabilities, ranking 8th in the OWASP Top 10 2017. In this course, Secure Coding: Preventing Insecure Deserialization, you will learn how to properly defend yourself against that particular vulnerability First, you will learn about the basics of serialization and deserialization, and about the various serialization file formats. Next, you will discover what insecure deserialization actually is, and how it can be exploited: In order to fix the problem, you need to know what can go wrong. Finally you will explore how to properly prevent insecure deserialization in any development language or framework. By the end of this course, you will have the secure coding skills and knowledge needed to prevent insecure deserialization vulnerabilities from creeping into your application.
Author Name: Peter Mosmans
Author Description:
Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. After developing, he moved to the role of defending and designing systems and networks for high-availability websites. Since 2004 he started specializing in breaking: pentesting complex and feature-rich web applications. Currently he leads a global team of highly skilled penetration testers as lead pentester. He is a contributor to several open-source penet… more
Table of Contents
- Course Overview
1min - What Is Serialization and Deserialization?
23mins - Deserialization: How It Can Be Exploited
8mins - Insecure Patterns for Deserialization
13mins - How to Securely Implement Deserialization
15mins
User Reviews
Be the first to review “Secure Coding: Preventing Insecure Deserialization”
Related Products
Security Management: A Case Study
Security management encompasses a number of verticals, dealing with the day to day, developing programs, maintaining compliance and managing risk. This course covers what's important when starting up a cyber-security initiative.
Maintaining Deployment Security in Microsoft Azure
This course identifies the resources, tools, and methods needed to maintain the security of your deployed resources in Azure.
Implementing Host Security in Microsoft Azure
This course identifies the resources, tools, and methods needed to secure hosts in Azure as well as hosts connecting to Azure.
Security Principles for CC℠
This course will teach you security concepts of information protection and assurance needed for the Certified in Cybersecurity Exam.
Performing Malware Analysis on Malicious Documents
Malicious documents have become a form of malware that all incident responders need to be able to analyze. This course will teach you how to analyze malicious Adobe PDF and Microsoft Office documents, along with any malicious scripts they contain.
Securing Angular Apps with OpenID Connect and OAuth 2
OpenID Connect and OAuth 2 allow your apps to use modern security protocols and to participate in a Single Sign-on (SSO) experience across multiple apps. This course will show you how to authenticate users and authorize access in your Angular apps.
There are no reviews yet.