Learn about the seventh and eighth categories of security vulnerabilities in the OWASP Top 10—cross-site scripting (XSS) and insecure deserialization.
Overview
Syllabus
Introduction
- Common software vulnerabilities
- General concept
- Example scenario 1
- Example scenario 2
- Enable a content security policy
- Apply context sensitive encoding
- Escape untrusted HTTP data
- General concept
- Example scenario 1
- Example scenario 2
- Use integrity checks and encrypt
- Log to detect insecure deserialization
- Isolate code that deserializes
- Next steps
Taught by
Caroline Wong