OWASP Top 10: #7 XSS and #8 Insecure Deserialization

- Some of the security breaches that you hear about in the news are well-known and preventable. Others are newer to the scene and researchers are actively trying to understand them better. The Open Web Application Security Project provides a list that describes some of the most common security vulnerabilities. It's called the OWASP Top 10 and it can help you learn about how to address these in your organization's software. In this course, I'm going to talk about vulnerability categories numbers seven and eight: Cross-site Scripting and Insecure Deserialization. Cross-site scripting is a classic security vulnerability that has been around for a long time and continues to be exploited to this day. Insecure deserialization is somewhat of a trendier concept that has been gaining more traction in the past few years. Throughout this course, I'll describe how these vulnerabilities work. We'll examine some real-life examples and their impact to companies and consumers. I'll also provide you with prevention techniques so that you know how to address these types of issues in your software. I'm Caroline Wong and I'm the Chief Security Strategist at Cobalt.io. Come and join me in my LinkedIn Learning course on the OWASP Top 10, numbers seven and eight.