Lesson 05 - OWASP Top 10 2017 - A1:2017-Injection

AppSec Starter is a basic application security awareness training applied to onboarding new developers. It is not the purpose of this training to discuss advanced and practical topics. Conviso has customized training and practical training platforms.

Training recorded by Nicolas Schmaltz and copyright reserved to Conviso Application Security S/A.

Lesson 5 Contents:

Injection flaws such as SQL, OS, and LDAP injections occur when untrusted data is sent to an interpreter as part of a legitimate command or query. The attacker's hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.