Join Kevin Skoglund for an in-depth discussion in this video Regulating access privileges, part of Foundations of Programming: Web Security.
- [Voiceover] Good security means…managing your access privileges well.…There are few concepts that can help.…First, remember the principle of "least privilege."…Give users access to the tools they need to do their job,…and nothing more.…Second, you wanna be organized.…If' you're disorganized, you can't be sure…who has access to what resources.…It's easy for privileges to get set too high,…or to be forgotten about completely.…You also wanna make it easy for privileges…to be revoked.…This is important when roles change,…or when people leave your organization.…
It shouldn't take a week for you to get around…to turning off a former employee's access.…That's a week that you have a major security hole,…and of course you should restrict access…to the access privilege administration tools most of all.…Command over access privileges is the most important asset.…Accordingly, it should be the most closely guarded.…It might become an inconvenience if only one or two people…manage the access privileges for the whole organization,…
This course is great for developers who want to secure their client's websites, and for anyone else who wants to learn more about web security.
- Why security matters
- What is a hacker?
- How to write a security policy
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Session hijacking and fixation
- Passwords and encryption
- Secure credit card payments
Skill Level Beginner
1. Security Overview
2. General Security Principles
3. Filtering Input, Controlling Output
4. The Most Common Attacks
5. Encryption and User Authentication
6. Other Areas of Concern
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.