This course aims to teach learners about the OWASP API Security Top 10, 2023 edition, covering each security risk and techniques to secure APIs. The course also delves into additional key concepts beyond the Top 10. Students will acquire skills in fortifying APIs against potential threats, understanding OWASP, compiling the Top 10, and addressing specific vulnerabilities like broken authentication and misconfigurations. The teaching method involves video lectures and real-world examples. This course is intended for developers, security professionals, and anyone interested in API security.
Overview
Syllabus
⌨️ Welcome to APIsec University
⌨️ Introduction to OWASP API Security and Beyond!
⌨️ How the Course Works
⌨️ Course Objectives
⌨️ What is OWASP
⌨️ How is the Top 10 Compiled?
⌨️ Mapped to External Sources
⌨️ Updates to the OWASP API Security Top 10
⌨️ API1:2023 - Broken Object Level Authorization
⌨️ API2:2023 - Broken Authentication
⌨️ API3:2023 - Broken Object Property Level Authorization
⌨️ API4:2023 - Unrestricted Resource Consumption
⌨️ API5:2023 - Broken Function Level Authorization
⌨️ API6:2023 - Unrestricted Access to Sensitive Business Flows
⌨️ API7:2023 - Server Side Request Forgery
⌨️ API8:2023 - Security Misconfiguration
⌨️ API9:2023 - Improper Inventory Management
⌨️ API10:2023 - Unsafe Consumption of APIs
⌨️ Injections
⌨️ Insufficient Logging & Monitoring
⌨️ Business Logic Flaws
Taught by
freeCodeCamp.org
