Pluralsight

Secure Coding: Preventing Broken Access Control

via Pluralsight

Overview

Learn how to protect your code from access control issues. You will gain an understanding of how an attacker might find and attack those vulnerabilities before building defenses into your code.

Broken access controls can expose information and functionality in your service to unauthorized users, and they are currently one of the top vulnerabilities found in software. You need to understand those vulnerabilities in order to defend against potential attackers. In this course, Secure Coding: Preventing Broken Access Control, you will gain the ability to protect your code from access control vulnerabilities. First, you will learn to understand vulnerabilities and potential attacks against them. Next, you will discover some of the key principles associated with defensive code. Finally, you will explore how to write clean, readable, defensive code. When you are finished with this course, you will have the skills and knowledge needed to protect your code from access control vulnerabilities.

Topics:
  • Course Overview
  • Defining Access Controls
  • Forced Browsing to Find Hidden Functionality
  • Traversing Directories for Unauthorized File Access
  • Manipulating Parameters to Alter Results
  • Finding Insecure Direct Object References (IDOR)
  • Guiding Principles for Access Controls

Taught by

Gavin Johnson-Lynn
