LinkedIn Learning

OWASP Top 10: #7 XSS and #8 Insecure Deserialization

via LinkedIn Learning

Overview

Learn about the seventh and eighth categories of security vulnerabilities in the OWASP Top 10—cross-site scripting (XSS) and insecure deserialization.

Syllabus

Introduction
  • Common software vulnerabilities
1. Cross-Site Scripting: How Does It Work?
  • General concept
2. Impact of Cross-Site Scripting
  • Example scenario 1
  • Example scenario 2
3. Preventing Cross-Site Scripting
  • Enable a content security policy
  • Apply context sensitive encoding
  • Escape untrusted HTTP data
4. Insecure Deserialization: How Does It Work?
  • General concept
5. Impact of Insecure Deserialization
  • Example scenario 1
  • Example scenario 2
6. Preventing Insecure Deserialization
  • Use integrity checks and encrypt
  • Log to detect insecure deserialization
  • Isolate code that deserializes
Conclusion
  • Next steps

Taught by

Caroline Wong
