Secure Coding: Preventing Sensitive Data Exposure from Pluralsight

In this course, you will look from an attack-driven perspective at several OWASP recommendations for preventing sensitive data exposure when developing a web application.

Would you like the ability to recognize what is needed to make a web application properly manage sensitive data and prevent it from unintended exposure? This course, Secure Coding: Preventing Sensitive Data Exposure, will show you the knowledge that is based on the recommendations set by the Open Web Application Security Project (or OWASP in short). First, you will learn how to think of sensitive data and what constitutes sensitive data. Next, you will discover TLS; the protocol to protect sensitive data transmitted between a web browser and web application and the different facilities it provides to enable this protection. Finally, you will explore how to properly manage user passwords stored in a database. When you’re finished with this course, you will have the knowledge of preventing sensitive data exposure needed to effectively and efficiently apply them in your own Web applications.

What's inside

Syllabus

Course Overview

Defining OWASP Top 10 Sensitive Data Exposure

Attacking the Web Application

Attacking the Web Browser

Attacking Data at Rest

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Fortifies your skillset with practices aligned with recognized industry standards

Lets you think deeply about data security by putting you in the shoes of an attacker

Includes advanced topics like exploiting data at rest, making it perfect for experienced learners

Gives you a mix of theoretical knowledge and practical skills, ensuring a well-rounded learning experience

Requires a basic understanding of web application development, so it's best suited for those with some experience in the field

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Secure Coding: Preventing Sensitive Data Exposure with these activities:

Attend a Study Group

Show steps

Join or form a study group to discuss course material, share insights, and collaborate on assignments.

Show steps

Find or create a study group with fellow students.
Meet regularly to discuss course topics.
Share notes, resources, and ideas.
Work together on assignments and projects.

Review TLS

Show steps

Review the basics of TLS to ensure a strong foundation for understanding how it protects sensitive data.

Browse courses on TLS

Show steps

Read articles or blog posts about TLS.
Set up a simple web server and configure it to use TLS.
Use a tool like Wireshark to capture and analyze TLS traffic.

Identify Sensitive Data

Show steps

Practice identifying sensitive data in various formats to develop a keen eye for potential vulnerabilities.

Browse courses on Sensitive Data

Show steps

Review the OWASP Top 10 Sensitive Data Exposure category.
Analyze sample web applications and identify potential data exposure issues.
Use a tool like OWASP ZAP to scan web applications for sensitive data leaks.

Three other activities

Expand to see all activities and additional details

Show all six activities

Write a Blog Post or Article

Show steps

Summarize and share your understanding of a specific topic covered in the course to reinforce your learning and potentially benefit others.

Show steps

Choose a topic that you are particularly interested in or knowledgeable about.
Research the topic thoroughly.
Write a clear and concise blog post or article.
Publish your blog post or article on a relevant platform.
Promote your blog post or article on social media.

Attend a Web Security Workshop

Show steps

Participate in a workshop to gain practical experience in securing web applications and preventing data exposure.

Show steps

Find a reputable web security workshop.
Register for the workshop.
Attend the workshop and actively participate in the activities.
Apply the knowledge and skills learned from the workshop to your own web applications.

Contribute to an Open Source Web Security Project

Show steps

Gain hands-on experience in web security by contributing to an open source project focused on preventing data exposure.

Show steps

Find an open source web security project that you are interested in.
Read the project's documentation.
Identify an area where you can contribute.
Create a pull request with your contribution.
Respond to feedback and make changes as necessary.

Career center

Learners who complete Secure Coding: Preventing Sensitive Data Exposure will develop knowledge and skills that may be useful to these careers:

Web Developer

A Web Developer specializes in designing, developing, and maintaining websites and web applications. This course is a good fit for Web Developers who want to ensure that their web applications properly manage and protect sensitive data. By understanding the OWASP recommendations and learning how to apply them, Web Developers can help prevent data breaches and protect user privacy.

See salaries and explore the career path for Web Developer

Information Security Analyst

An Information Security Analyst identifies and mitigates security risks to an organization's information systems. This course can be helpful in building a foundation for Information Security Analysts who want to learn about secure coding techniques and the OWASP recommendations for preventing sensitive data exposure. By understanding the threats to sensitive data and how to protect against them, Information Security Analysts can enhance their ability to keep an organization's information systems secure.

See salaries and explore the career path for Information Security Analyst

Cybersecurity Architect

A Cybersecurity Architect designs and implements security solutions for an organization's IT systems and networks. This course is a good fit for Cybersecurity Architects who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to apply them in real-world scenarios. By understanding the threats to sensitive data and how to protect against them, Cybersecurity Architects can enhance their ability to design and implement secure IT systems and networks.

See salaries and explore the career path for Cybersecurity Architect

Privacy Analyst

A Privacy Analyst ensures that an organization complies with privacy laws and regulations. This course is a good fit for Privacy Analysts who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to apply them in real-world scenarios. By understanding the threats to sensitive data and how to protect against them, Privacy Analysts can enhance their ability to protect an organization's data and comply with privacy regulations.

See salaries and explore the career path for Privacy Analyst

Data Security Analyst

A Data Security Analyst protects an organization's data from unauthorized access, use, disclosure, disruption, modification, or destruction. This course may be helpful to Data Security Analysts who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to implement them in real-world scenarios. By understanding the threats to sensitive data and how to mitigate them, Data Security Analysts can enhance their ability to protect an organization's data.

See salaries and explore the career path for Data Security Analyst

Cybersecurity Analyst

A Cybersecurity Analyst analyzes cybersecurity risks and vulnerabilities to an organization's IT systems and networks. This course, with its focus on preventing sensitive data exposure, can be helpful to Cybersecurity Analysts who want to learn about best practices for protecting sensitive data and mitigating the risks of data breaches. By understanding the OWASP recommendations and how to implement them, Cybersecurity Analysts can enhance their ability to protect an organization's IT systems and data.

See salaries and explore the career path for Cybersecurity Analyst

Technical Security Consultant

A Technical Security Consultant provides advice and guidance to organizations on how to improve their security posture. This course can be useful for Technical Security Consultants who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to apply them in real-world scenarios. By understanding the threats to sensitive data and how to mitigate them, Technical Security Consultants can better assist organizations in safeguarding their data and information systems.

See salaries and explore the career path for Technical Security Consultant

Network Security Engineer

A Network Security Engineer designs, implements, and maintains network security systems to protect an organization's network infrastructure from unauthorized access and attacks. This course may be useful to Network Security Engineers who want to gain a better understanding of the OWASP recommendations for preventing sensitive data exposure. By learning about the techniques and tools used to protect sensitive data over networks, Network Security Engineers can enhance their ability to secure an organization's network infrastructure.

See salaries and explore the career path for Network Security Engineer

Incident Responder

An Incident Responder investigates and responds to security incidents. This course can be helpful for Incident Responders who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to apply them in real-world scenarios. By understanding the threats to sensitive data and how to mitigate them, Incident Responders can enhance their ability to respond to and mitigate data breaches and other security incidents.

See salaries and explore the career path for Incident Responder

Cloud Security Engineer

A Cloud Security Engineer designs and implements security measures to protect an organization's cloud computing infrastructure. This course can provide a useful foundation for Cloud Security Engineers who want to learn about secure coding techniques and the OWASP recommendations for preventing sensitive data exposure. By understanding the threats to sensitive data in the cloud and how to protect against them, Cloud Security Engineers can enhance their ability to secure an organization's cloud infrastructure.

See salaries and explore the career path for Cloud Security Engineer

Threat Intelligence Analyst

A Threat Intelligence Analyst collects, analyzes, and disseminates information about threats to an organization's IT systems and networks. This course can be helpful for Threat Intelligence Analysts who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to identify and analyze threats to sensitive data. By understanding the threats to sensitive data and how to protect against them, Threat Intelligence Analysts can enhance their ability to protect an organization's IT systems and networks.

See salaries and explore the career path for Threat Intelligence Analyst

Vulnerability Assessor

A Vulnerability Assessor identifies and analyzes vulnerabilities in an organization's IT systems and networks. This course can be helpful for Vulnerability Assessors who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to identify and analyze vulnerabilities that could lead to data breaches. By understanding the threats to sensitive data and how to protect against them, Vulnerability Assessors can enhance their ability to protect an organization's IT systems and networks.

See salaries and explore the career path for Vulnerability Assessor

Forensics Analyst

A Forensics Analyst investigates and analyzes computer systems and networks to gather evidence of security breaches and other crimes. This course can be helpful for Forensics Analysts who want to learn about the OWASP recommendations for preventing sensitive data exposure and how to identify and analyze evidence of data breaches. By understanding the threats to sensitive data and how to protect against them, Forensics Analysts can enhance their ability to investigate and respond to security incidents.

See salaries and explore the career path for Forensics Analyst

Security Engineer

A Security Engineer designs, implements, and maintains security controls to protect an organization's IT infrastructure. This course, with its emphasis on preventing sensitive data exposure, could be useful to Security Engineers who want to gain a deeper understanding of the OWASP recommendations. By learning about the potential risks and vulnerabilities associated with sensitive data exposure, Security Engineers can better design and implement security measures to protect an organization's assets.

See salaries and explore the career path for Security Engineer

Software Developer

A Software Developer is a professional who specializes in designing, programming, and implementing software applications. This course may be useful for Software Developers seeking to learn industry best practices and OWASP recommendations for preventing sensitive data exposure in web applications. As a developer, understanding various attack vectors and how sensitive data can be exposed can be crucial during the development and implementation phases of web applications.

See salaries and explore the career path for Software Developer