From the course: ASP.NET: Security
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
OWASP Top 10
- [Narrator] We will now talk about mitigating common attacks, and whenever you think about the topic web application security, there is one source that comes to mind. It's the OWASP Top 10 list. OWASP stands for Open Web Application Security Project. The website is owasp.org. It is run by the OWASP Foundation and the idea is that OWASP is a non-for profit organization that's active all around the world providing conferences, meetings, other types of events, all around the topic of web application security, and their efforts also include software, how-tos, checklists, et cetera, but the most important, or let's say most well-known thing they do is they have something called the OWASP Top Ten list. It's a list, originally it was an annual list, but then it was released every three years and they didn't stick to that cadence every time, but basically it is a list of the most critical web application security risks. The way this works is that security researchers and then the OWASP Top…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
(Locked)
OWASP Top 103m 36s
-
(Locked)
Cross-site scripting (XSS): The attack5m 10s
-
(Locked)
Cross-site scripting (XSS): The defense4m 18s
-
(Locked)
Cross-site scripting (XSS) in JavaScript5m 19s
-
(Locked)
Same-origin policy and CORS5m 12s
-
(Locked)
Enabling CORS in ASP.NET Web API6m 20s
-
(Locked)
SQL injection with ADO.NET3m 56s
-
(Locked)
SQL injection with Entity Framework3m 32s
-
(Locked)
Fixing SQL injection4m 27s
-
(Locked)
Cross-Site Request Forgery (CSRF)4m 40s
-
(Locked)
Defending against CSRF4m 24s
-
(Locked)
-
-
-
-