Course Description
This course introduces security concepts to members of the application team, including business analysts, developers, quality assurance, project managers, etc. Students will be introduced to common security terminology and concepts related to secure application development.
Team members will gain an understanding of foundational concepts, such as the OWASP Top 10. This course focuses on teaching the concepts behind the security vulnerabilities so that each student understands the issue and its impact.

Application Security Professional
James Jardine
Course curriculum
1. Introduction
- Introduction to Application Security
- Intro to OWASP
- Resources and Links

2. Injection
- Introduction to Injection (free preview)
- Untrusted Data
- Intro to Input Validation
- Intro to SQL Injection (free preview)
- Demo - SQL Injection
- Demo - SQL Injection - Stored Procedures
- Command Injection
- Demo - Command Injection
- XML External Entity (XXE)
- Demo - XXE

3. Cross Site Scripting
- XSS Brief Overview
- Cross-Site Scripting
- Demo - X-XSS-Protection
- Demo - Content Security Policy
- Demo - Output Encoding

4. Cross Site Request Forgery
- CSRF Overview
- CSRF Walkthrough - Part 1
- CSRF Walkthrough - Part 2 (Remediation)

5. Sensitive Data
- Sensitive Data Intro
- Password Storage

6. Authentication and Sessions
- Authentication
- Forgot Password
- Authorization
- Security Questions
- Insecure Direct Object Reference
- Intro to Cookies
- Session Management
- Session Fixation
- Resources and Links

7. 3rd Party Code
- 3rd Party Code
- Resources and Links

8. Open Redirect
- Insecure Redirect
- Walkthrough - Open Redirect (Login)

9. Server Side Request Forgery
- SSRF - Overview
- Walkthrough - SSRF

Pricing options
$149.00
Regular price