Overview
-
Learn about broken access control and cryptographic failures, the first two security vulnerabilities listed on the 2021 OWASP Top 10.
Syllabus
-
Introduction
- OWASP Top 10
- What is broken access control?
- Example 1: 2021 Facebook broken access control vulnerability
- Example 2: 2021 personal data travel breach
- Prevention techniques: Least privilege
- Prevention techniques: Record ownership and logging
- Prevention techniques: Functional access control testing
- What is cryptographic failure?
- Example 1: 2021 GoDaddy plaintext passwords
- Example 2: Using a broken or risky cryptographic algorithm
- Prevention techniques: Data classification
- Prevention techniques: Proper key management
- Prevention techniques: Secure protocols
- OWASP Top 10 keep learning
