Lesson 06 - OWASP Top 10 2017 - A2:2017-Broken Authentication

AppSec Starter is a basic application security awareness training used for onboarding new developers. This training is not intended to cover advanced or hands-on topics. Conviso also offers customized training and practical training platforms.

Training recorded by Nicolas Schmaltz and copyright reserved to Conviso Application Security S/A.

Lesson 6 Contents:

Application functions related to authentication and session management are often implemented incorrectly, allowing an attacker to compromise passwords, keys, or session tokens, or to abuse other implementation flaws in order to assume the identity of other users (temporarily or permanently).