Course details

OWASP: Top 10 & Web Applications

OWASP: Top 10 & Web Applications


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level



Overview/Description

Web applications rely on numerous underlying infrastructure components, including public key infrastructure (PKI). Discover the overall web application ecosystem with a focus on the OWASP Top 10 2017. Key concepts covered in this 13-video course include how to identify common web application security issues and their impacts; how tools such as Nmap, Metasploit, and Nessus can be used for benign and malicious purposes; and how the OWASP Top 10 helps to secure web applications. Next, you will learn the OWASP security tools; how to identify common web application architecture and development techniques and the role that clients and servers play; and how TLS supersedes SSL and tools such as SSL Labs can test PKI implementations. Learners then observe how PKI certificates can enhance web application security; how to configure HTTPS bindings for Microsoft IIS websites; and how to configure Microsoft IIS websites to require client certificates. Finally, learn how to configure HTTPS bindings for Linux Apache websites, and how to scan a public Internet site's PKI configuration to determine the site's security posture.



Expected Duration (hours)
1.0

Lesson Objectives

OWASP: Top 10 & Web Applications

  • Course Overview
  • identify common web application security issues and their impact, including embedded web apps in IoT devices
  • define how tools such as Nmap, Metasploit and Nessus can be used for benign and malicous purposes
  • recognize how the OWASP Top 10 helps to secure web applications
  • recognize OWASP security tools
  • identify common web application architecture and development techniques and the role that clients and servers play
  • recall how TLS supersedes SSL and tools such as SSL Labs can test PKI implementations
  • recognize how PKI certificates can enhance web application security
  • configure an HTTPS binding for a Microsoft IIS web site
  • configure a Microsoft IIS web site to require client certificates
  • configure an HTTPS binding for a Linux Apache web site
  • scan a public Internet site's PKI configuration to determine the security posture of the site
  • implement measures to secure the web application environment
  • Course Number:
    it_spowsp_06_enus

    Expertise Level
    Intermediate