IT Skills     Security     Software Development Security     OWASP Top 10 2020

---

Web applications are ubiquitous in today's computing world. In this course, you'll learn about software developer tools that can result in secure web application creation. You'll learn about server-side and client-side code, as well how to scan a web app for vulnerabilities using OWASP ZAP and Burp Suite. Next, you’ll explore secure coding using the OWASP ESAPI. Moving on, you’ll examine how to enable the Metasploitable intentionally vulnerable web app virtual machine. You'll also learn about different types of software testing methodologies and the difference between vulnerability scanning and penetration testing. Lastly, you'll learn how to deploy a web application firewall in the Microsoft Azure cloud.

---

---

Objectives

OWASP Top 10: Web Application Security discover the key concepts covered in this course identify components related to developing and running a web application recognize how to securely write code describe the purpose of the Open Web Application Security Project (OWASP) recognize the relevance of web application security testing list the benefits of using a secure API when writing web app code differentiate between static and dynamic software testing download and run the Metasploitable intentionally vulnerable web app VM plan for various types of security testing identify active network hosts and services using Nmap identify host vulnerabilities using OpenVAS compare past network scans with current scans to identify changes describe how a web application firewall differs from other types of firewalls deploy a web application firewall solution in the Microsoft Azure cloud summarize the key concepts covered in this course