We may earn an affiliate commission when you visit our partners.
DevSecCon

This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: Injections and insufficient logging & monitoring.

Read more

This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: Injections and insufficient logging & monitoring.

Security is a hard problem, especially when you are only running, not writing, an application. This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: 1. Injections (A1:2017): We are using a simple application exploitable by injection and will then secure it with the Web Application Firewall (WAF) ModSecurity. 2. Insufficient Logging & Monitoring (A10:2017): We are logging and monitoring both the secured and the unsecured application with the Elastic Stack.

Enroll now

What's inside

Syllabus

Secure Your Code - Injections and Logging

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Provides guidance on how to protect against injection attacks and monitor for them
Relevant for professionals interested in improving security and monitoring practices
Provides practical examples of injection attacks and demonstrates how to secure against them using real-world tools
Combines two critical security risks: injections and insufficient logging & monitoring
Demonstrates how to secure applications using the Web Application Firewall (WAF) ModSecurity
Provides insights into using Elastic Stack for logging and monitoring secured and unsecured applications

Save this course

Save Secure Your Code - Injections and Logging to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Secure Your Code - Injections and Logging with these activities:
Review of Web Applications Security
Help you recall and reinforce foundational security concepts relevant to this course.
Browse courses on Web Application Security
Show steps
  • Review OWASP Top 10 security risks
  • Read articles or blog posts on injection attacks
  • Watch videos or tutorials on secure coding practices for web applications
Review OWASP Top 10
Review the OWASP Top 10 to refresh your knowledge on common security risks
Browse courses on OWASP
Show steps
  • Read the OWASP Top 10
  • Take notes on key points
Review SQL commands
Review the basics of SQL to make sure you have a solid foundation for this course
Browse courses on SQL
Show steps
  • Go over SQL commands syntax
  • Practice writing SQL queries
Six other activities
Expand to see all activities and additional details
Show all nine activities
Follow online security tutorials
Follow online security tutorials to learn about new security techniques and tools
Show steps
  • Find online security tutorials
  • Watch or read the tutorials
Attend a security conference
Attend a security conference to learn from experts and network with other professionals
Show steps
  • Research security conferences
  • Register for a conference
  • Attend sessions and workshops
Participate in a security workshop
Participate in a security workshop to gain hands-on experience and learn from experts
Show steps
  • Research security workshops
  • Register for a workshop
  • Attend the workshop and participate in activities
Practice writing secure code
Practice writing secure code to reinforce the concepts learned in this course
Show steps
  • Use a secure coding checklist
  • Test your code for vulnerabilities
Contribute to an open-source security project
Contribute to an open-source security project to gain experience and learn from others
Show steps
  • Find an open-source security project
  • Contribute to the project
Develop a security plan
Create a security plan to demonstrate your understanding of the principles covered in this course
Show steps
  • Identify security risks
  • Develop security measures
  • Create a security policy

Career center

Learners who complete Secure Your Code - Injections and Logging will develop knowledge and skills that may be useful to these careers:
Security Architect
Security Architects design, implement, and manage an organization's security infrastructure. They work with other IT professionals to ensure that the organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Security Architects learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization's information systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction. They may also work with law enforcement to investigate security breaches. This course can help Information Security Analysts learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Application Security Engineer
Application Security Engineers work with developers and IT to design, implement, and manage the security of applications. They help to protect applications from vulnerabilities and attacks, such as injections. This course can help Application Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor applications for security events and how to respond to security breaches.
Software Developer
Software Developers design, develop, and maintain software applications. They work with other IT professionals to ensure that software applications are secure and user-friendly. This course can help Software Developers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor software applications for security events and how to respond to security breaches.
Cybersecurity Analyst
Cybersecurity Analysts monitor and analyze security events and data to detect and respond to security threats. They work with other IT professionals to ensure that an organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Cybersecurity Analysts learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Network Security Engineer
Network Security Engineers design, implement, and manage an organization's network security infrastructure. They work with other IT professionals to ensure that the organization's network is protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Network Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor networks for security events and how to respond to security breaches.
Web Developer
Web Developers design, develop, and maintain websites. They work with other IT professionals to ensure that websites are secure and user-friendly. This course can help Web Developers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor websites for security events and how to respond to security breaches.
Incident Responder
Incident Responders investigate and respond to security breaches. They work with other IT professionals to contain the damage from a security breach and to restore normal operations. This course can help Incident Responders learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to investigate and respond to security breaches.
Cloud Security Engineer
Cloud Security Engineers design, implement, and manage the security of cloud computing environments. They work with other IT professionals to ensure that cloud computing environments are secure and compliant with regulatory requirements. This course can help Cloud Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to design, implement, and manage security in cloud computing environments.
Digital Forensics Analyst
Digital Forensics Analysts investigate computer crimes and other digital incidents. They work with law enforcement to collect and analyze digital evidence. This course can help Digital Forensics Analysts learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to investigate digital crimes and collect and analyze digital evidence.
Penetration Tester
Penetration Testers assess the security of an organization's systems and networks by simulating an attack. They work with other IT professionals to identify and address security vulnerabilities. This course can help Penetration Testers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to assess the security of systems and networks and how to identify and address security vulnerabilities.
Security Researcher
Security Researchers identify and analyze security vulnerabilities in software and systems. They work with other IT professionals to develop and implement security solutions. This course can help Security Researchers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to identify and analyze security vulnerabilities.
Security Consultant
Security Consultants help organizations to improve their security posture. They work with organizations to identify and address security risks, and to develop and implement security solutions. This course can help Security Consultants learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to assess an organization's security posture and how to develop and implement security solutions.
IT Auditor
IT Auditors assess the security of an organization's information systems and data. They work with other IT professionals to ensure that the organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help IT Auditors learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Security Engineer
Security Engineers design, implement, and manage an organization's security infrastructure. They work with other IT professionals to ensure that the organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to design, implement, and manage security infrastructure.

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Secure Your Code - Injections and Logging.
Provides a comprehensive overview of reverse engineering, including how to analyze injection attacks.
Provides a comprehensive overview of secure coding practices, including how to prevent injection attacks and improve logging.
Provides a comprehensive overview of security engineering, including topics like injection attacks and logging.
Provides a good overview of incident response and computer forensics, including how to investigate injection attacks and use logs as evidence.
Provides a good overview of cryptography and network security, including topics like injection attacks and logging.
Provides a good overview of network security, including topics like injection attacks and logging.
Provides a broad overview of computer security, including topics like injection attacks and logging.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Secure Your Code - Injections and Logging.
Secure Coding: Preventing Insufficient Logging and...
Most relevant
Application Security for Developers and DevOps...
Most relevant
Secure Coding in Go
Secure Coding in Java
Application Security for Developers
OWASP Top 10: The Big Picture
Supply Chain Risk Management with OWASP Dependency-Check
Getting Started with OWASP Zed Attack Proxy (ZAP) for Web...
Logging and Monitoring in ASP.NET Core
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser