Protect systems from malware and overloading by regulating the files that are allowed to be uploaded.
- There is one attack that's worse than all the others. Remote code execution. Remote code execution or RCE is when an attacker can remotely execute internal operating system commands on a server. To put it another way, an attacker can type commands as if they were sitting at the keyboard. They can perform any task that a logged in user can perform. They can read, add, modify or delete files. They can change access privileges or passwords. They can turn on and off configurations and services and they can communicate to other servers. When you read a news article or you see a warning about a bug which allows remote code execution, you should pay attention. It's a significant one. Fortunately, remote code execution is also one of the hardest hacks to pull off. Operating systems keep a wall between the operating system and the software running the web server, which is difficult to get through unless you make it easy. Most programming languages have functions which allow them …
- Threat models
- Least privilege
- Defense in depth
- Validating and sanitizing input
- Credential attacks
- SQL injection
- Cross-site scripting
Skill Level Beginner
1. Security Overview
2. General Security Principles
3. Filter Input, Control Output
4. The Most Common Attacks
Next steps (2m 26s)