Learn to examine web requests and consider what types should be allowed and how to respond to them.
- Before you can fly on a commercial airplane, you must first pass through a security checkpoint. These checkpoints are designed to detect problems early and to keep the most serious threats out. Most checkpoints implement defense in depth. A passenger shows their ID and boarding pass to an agent, and then they pass through a combination of metal detectors and X-ray machines. More agents are on hand to perform additional checks, such as to manually inspect bags and conduct swab tests to detect chemical residue. In this chapter, we'll discuss filtering input and controlling output. Filtering input is a lot like a security checkpoint. We want to stop problems early. Good data's allowed through while bad data is allowed out. Regulating requests, validating input, and sanitizing data are different techniques that provide defense in depth. Let's talk about the first layer of defense, regulating requests. HTTP requests are the most fundamental component …
- Threat models
- Least privilege
- Defense in depth
- Validating and sanitizing input
- Credential attacks
- SQL injection
- Cross-site scripting
Skill Level Beginner
1. Security Overview
2. General Security Principles
3. Filter Input, Control Output
4. The Most Common Attacks
Next steps (2m 26s)