SkillSoft Explore Course – Lambers, Inc.

IT Professional Curricula Internet and Network Technologies Solution Area Security Solutions OWASP Top 10

OWASP Top 10 list items 5 and 1 cover security misconfigurations and injection, two highly common attacks in modern web applications

Asset ID	sp_owtt_a06_it_enus
Course Type	Video Course
Course Category	Internet and Network Technologies Solution Area

Objectives
OWASP A5 and A1: Security and Injection start the course explain what Security Misconfigurations are how Security Misconfigurations can be exploited and what kind of access is needed to exploit it how easy it is to detect Security Misconfigurations and how common they are the technical and business impacts of Security Misconfigurations provide examples of Security Misconfiguration attacks enable protection for a web app through a WAF explain what Injection is how Injection can be exploited and what kind of access is needed to exploit it how easy it is to detect Injection and how common they are the technical and business impacts of Injection attacks provide examples of Injection attacks inject SQL commands into a web form field Practice: A5 and A1 Commonality explain how A5 and A1 can be exploited by attackers

Objectives

OWASP A5 and A1: Security and Injection

start the course
explain what Security Misconfigurations are
how Security Misconfigurations can be exploited and what kind of access is needed to exploit it
how easy it is to detect Security Misconfigurations and how common they are
the technical and business impacts of Security Misconfigurations
provide examples of Security Misconfiguration attacks
enable protection for a web app through a WAF
explain what Injection is
how Injection can be exploited and what kind of access is needed to exploit it
how easy it is to detect Injection and how common they are
the technical and business impacts of Injection attacks
provide examples of Injection attacks
inject SQL commands into a web form field

Practice: A5 and A1 Commonality