Training Content
The task of creating and maintaining secure applications, or fixing existing ones, can be difficult. It is no different for APIs. This module has been designed to give you an overview and working understanding of how to develop secure APIs and Web applications.
Prerequisites
At least 1-2 years of experience in cybersecurity or 4-5 years of experience in IT.
Detailed Content
- Introduction to OWASP Secure Coding
What is OWASP? What are the biggest security issues with online applications? We will start by sketching the big picture around web security, especially the OWASP Top 10, and how to use it as a helpful guide to the secure development of online applications and defense against threats.
- Authentication and Access Control
Authorization remains the biggest challenge in web application and API security.
If we look at OWASP API Security 2023, 3 out of the top 5 issues are around access control.
We will be looking into approaches to fix this, like implementing OpenID and OAuth2 flows and integrating these into your APIs.
- Hardening your API and Web application
Cross-site scripting, cross-site request forgery, misconfiguration and CORS are just a few of the things to keep in mind while developing an online system. What can we do to design and implement secure applications?