DevSecCon

This talk shows how to protect against injections and also how to monitor them by combining two of the OWASP Top 10 security risks: injections and insufficient logging & monitoring.

Security is a hard problem, especially when you are only running, not writing, an application. This talk shows how to protect against injections and also how to monitor them by combining two of the OWASP Top 10 security risks:

1. Injections (A1:2017): We are using a simple application exploitable by injection and will then secure it with the Web Application Firewall (WAF) ModSecurity.
2. Insufficient Logging & Monitoring (A10:2017): We are logging and monitoring both the secured and the unsecured application with the Elastic Stack.

What's inside

Traffic lights

Read about what's good, what should give you pause, and possible dealbreakers.
Provides guidance on how to protect against injection attacks and monitor for them
Relevant for professionals interested in improving security and monitoring practices
Provides practical examples of injection attacks and demonstrates how to secure against them using real-world tools
Combines two critical security risks: injections and insufficient logging & monitoring
Demonstrates how to secure applications using the Web Application Firewall (WAF) ModSecurity
Provides insights into using Elastic Stack for logging and monitoring secured and unsecured applications

Reviews summary

Secure code: injections & logging with OWASP

According to students, this course provides a practical and relevant deep dive into securing applications against OWASP Top 10 injection risks and setting up effective logging and monitoring. Learners highlight the excellent practical walkthroughs using ModSecurity and the Elastic Stack, finding the content highly valuable for developers and IT professionals. While it offers a solid foundation, some learners wished for more advanced custom rules or found certain setup aspects to require prior technical knowledge.
Complex security topics explained clearly.
"The instructor did a fantastic job explaining complex topics like SQL injection prevention and cross-site scripting with clear, concise examples."
"The Elastic Stack portion was particularly well-explained and practical, offering immediate utility."
"I found the explanations easy to follow, making difficult concepts accessible."
Highly valuable for developers and IT professionals.
"It's incredibly relevant for my current work in application security."
"This course is extremely valuable for any developer or IT professional looking to secure their applications effectively."
"I find the skills taught here directly applicable to my current role."
Covers critical OWASP Injection and Logging risks.
"A solid introduction to Web Application Firewalls and logging strategies, especially for covering the OWASP Top 10 basics."
"I really appreciated how this course successfully combined the two critical aspects of security: prevention of injections and robust detection through logging and monitoring."
"It explained how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks."
Learn real-world code security with hands-on tools.
"This course provided an excellent practical walkthrough of securing an application using ModSecurity and setting up robust monitoring with the Elastic Stack."
"It's incredibly relevant for my current work in application security. Highly recommend for anyone looking to implement real-world security measures."
"The instructor did a fantastic job explaining complex topics like SQL injection prevention... I feel much more confident now."
May require existing technical background for setup.
"While the course covered essential security concepts, I found some sections to be a bit too basic if you already have some background in cybersecurity."
"Setting up the labs required a bit more prior knowledge of Linux environments and networking than I anticipated, which could be challenging for complete beginners."
"I wished for a deeper dive into more advanced custom ModSecurity rules and fine-tuning, as well as complex Elastic Stack queries."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Secure Your Code - Injections and Logging with these activities:
Review of Web Applications Security
Helps you recall and reinforce foundational security concepts relevant to this course.
  • Review OWASP Top 10 security risks
  • Read articles or blog posts on injection attacks
  • Watch videos or tutorials on secure coding practices for web applications
Review OWASP Top 10
Review the OWASP Top 10 to refresh your knowledge on common security risks
  • Read the OWASP Top 10
  • Take notes on key points
Review SQL commands
Review the basics of SQL to make sure you have a solid foundation for this course
  • Go over SQL commands syntax
  • Practice writing SQL queries
Follow online security tutorials
Follow online security tutorials to learn about new security techniques and tools
  • Find online security tutorials
  • Watch or read the tutorials
Attend a security conference
Attend a security conference to learn from experts and network with other professionals
  • Research security conferences
  • Register for a conference
  • Attend sessions and workshops
Participate in a security workshop
Participate in a security workshop to gain hands-on experience and learn from experts
  • Research security workshops
  • Register for a workshop
  • Attend the workshop and participate in activities
Practice writing secure code
Practice writing secure code to reinforce the concepts learned in this course
  • Use a secure coding checklist
  • Test your code for vulnerabilities
Contribute to an open-source security project
Contribute to an open-source security project to gain experience and learn from others
  • Find an open-source security project
  • Contribute to the project
Develop a security plan
Create a security plan to demonstrate your understanding of the principles covered in this course
  • Identify security risks
  • Develop security measures
  • Create a security policy

Career center

Learners who complete Secure Your Code - Injections and Logging will develop knowledge and skills that may be useful to these careers:
Application Security Engineer
Application Security Engineers work with developers and IT to design, implement, and manage the security of applications. They help to protect applications from vulnerabilities and attacks, such as injections. This course can help Application Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor applications for security events and how to respond to security breaches.
Information Security Analyst
Information Security Analysts plan and implement security measures to protect an organization's information systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction. They may also work with law enforcement to investigate security breaches. This course can help Information Security Analysts learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Security Architect
Security Architects design, implement, and manage an organization's security infrastructure. They work with other IT professionals to ensure that the organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Security Architects learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Web Developer
Web Developers design, develop, and maintain websites. They work with other IT professionals to ensure that websites are secure and user-friendly. This course can help Web Developers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor websites for security events and how to respond to security breaches.
Software Developer
Software Developers design, develop, and maintain software applications. They work with other IT professionals to ensure that software applications are secure and user-friendly. This course can help Software Developers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor software applications for security events and how to respond to security breaches.
IT Auditor
IT Auditors assess the security of an organization's information systems and data. They work with other IT professionals to ensure that the organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help IT Auditors learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Network Security Engineer
Network Security Engineers design, implement, and manage an organization's network security infrastructure. They work with other IT professionals to ensure that the organization's network is protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Network Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor networks for security events and how to respond to security breaches.
Security Consultant
Security Consultants help organizations to improve their security posture. They work with organizations to identify and address security risks, and to develop and implement security solutions. This course can help Security Consultants learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to assess an organization's security posture and how to develop and implement security solutions.
Cybersecurity Analyst
Cybersecurity Analysts monitor and analyze security events and data to detect and respond to security threats. They work with other IT professionals to ensure that an organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Cybersecurity Analysts learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to monitor systems for security events and how to respond to security breaches.
Incident Responder
Incident Responders investigate and respond to security breaches. They work with other IT professionals to contain the damage from a security breach and to restore normal operations. This course can help Incident Responders learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to investigate and respond to security breaches.
Digital Forensics Analyst
Digital Forensics Analysts investigate computer crimes and other digital incidents. They work with law enforcement to collect and analyze digital evidence. This course can help Digital Forensics Analysts learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to investigate digital crimes and collect and analyze digital evidence.
Security Researcher
Security Researchers identify and analyze security vulnerabilities in software and systems. They work with other IT professionals to develop and implement security solutions. This course can help Security Researchers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to identify and analyze security vulnerabilities.
Penetration Tester
Penetration Testers assess the security of an organization's systems and networks by simulating an attack. They work with other IT professionals to identify and address security vulnerabilities. This course can help Penetration Testers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to assess the security of systems and networks and how to identify and address security vulnerabilities.
Security Engineer
Security Engineers design, implement, and manage an organization's security infrastructure. They work with other IT professionals to ensure that the organization's systems and data are protected from unauthorized access, use, disclosure, disruption, modification, or destruction. This course can help Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to design, implement, and manage security infrastructure.
Cloud Security Engineer
Cloud Security Engineers design, implement, and manage the security of cloud computing environments. They work with other IT professionals to ensure that cloud computing environments are secure and compliant with regulatory requirements. This course can help Cloud Security Engineers learn about the OWASP top 10 security risks and how to protect against them. It can also help them learn how to design, implement, and manage security in cloud computing environments.

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Secure Your Code - Injections and Logging.
Provides a comprehensive overview of reverse engineering, including how to analyze injection attacks.
Provides a comprehensive overview of secure coding practices, including how to prevent injection attacks and improve logging.
Provides a comprehensive overview of security engineering, including topics like injection attacks and logging.
Provides a good overview of incident response and computer forensics, including how to investigate injection attacks and use logs as evidence.
Provides a good overview of cryptography and network security, including topics like injection attacks and logging.
Provides a good overview of network security, including topics like injection attacks and logging.
Provides a broad overview of computer security, including topics like injection attacks and logging.

© 2016 - 2025 OpenCourser