Lesson 10 - OWASP Top 10 2017 - A6:2017-Security Misconfiguration
AppSec Starter is a basic application security awareness training applied to onboarding new developers. It is not the purpose of this training to discuss advanced and practical topics. Conviso has customized training and practical training platforms.
Training recorded by Nicolas Schmaltz and copyright reserved to Conviso Application Security S/A.
Lesson 10 Contents:
Bad security settings are the most observed aspect of the collected data. This is usually a consequence of insecure, incomplete or ad hoc default settings, cloud storage without any access restrictions, misconfigured HTTP headers or error messages with sensitive information. Not only must all operating systems, frameworks, code libraries and applications be securely configured, but they must also be updated and security patched in a timely fashion.
Contribute to the Docs
Found something outdated or missing? Help us improve the documentation with a quick suggestion or edit.
How to contributeResources
By exploring our content, you'll find resources that will enhance your understanding of the importance of a Security Application Program.
Conviso Blog: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily in English.
Conviso's YouTube Channel: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.