Explore potential file and I/O issues, the risks associated with them, and learn how to avoid them.
- The file system can be a dangerous place…for applications, and bad actors…love to leverage it to find exploits.…Attacks of the file system can be relatively easy…to exploit, because it's a great…learning arena for new attackers.…Furthermore, the results can be devastating to the systems.…As we look at the risk management flow,…the ease of attack in conjunction…with the damage potential, should yield…a clear need to take these seriously.…
There are several areas we need to focus on…with file systems and file input and output.…The first we will discuss is often more infrastructure…focused, but in a devops world, the line is very blurred.…You need to ensure your application is run…in a user process that is controlled.…You should only provide access to the file system…for that user that the application needs in order to run.…
This is often considered in server side application,…especially in the Linux world, but the same cannot be said…for desktop or mobile applications.…While sandboxing environments help,…the fact is that the developer…
AuthorFrank P Moley III
- Understanding attackers and risks
- Documenting your risks
- Issues related to web client–server interactions
- Issues related to thick app and client–server interactions
- Authorization and cryptography issues
- Implementing security in each phase of the software development life cycle
Skill Level Beginner
Web Security: OAuth and OpenID Connectwith Keith Casey1h 26m Intermediate
Programming Foundations: Design Patternswith Elisabeth Robson2h 19m Intermediate
What you need to know1m 35s
1. Security and Risk Overview
2. Web Client Server Interaction Code Issues
3. Thick App and Client-Server Interaction Issues
4. Crypto and Security Misuse Issues
5. Security in the SDLC
Next steps2m 10s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.