Lesson 04 - OWASP Top 10 Basics
AppSec Starter is a basic application security awareness training applied to onboarding new developers. It is not the purpose of this training to discuss advanced and practical topics. Conviso has customized training and practical training platforms.
Training recorded by Nicolas Schmaltz and copyright reserved to Conviso Application Security S/A.
Lesson 4 Contents:
Introduces what is the Open Web Application Security Project (OWASP) and the OWASP Top 10 project:
- Injection
- Broken authentication and session management
- Sensitive data exposure
- XML external entity (XXE)
- Broken access control
- Security misconfiguration
- Cross-site scripting(XSS)
- Insecure deserialization
- Using components with known vulnerabilities
- Insufficient logging & monitoring
Resources
By exploring our content, you'll find resources that will enhance your understanding of the importance of a Security Application Program.
Conviso Blog: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily in English.
Conviso's YouTube Channel: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.