Python Secure Coding Playbook

سرفصل های دوره

Secure coding is a skill that every web developer needs to ensure they are protected from common vulnerabilities. This course teaches you about those vulnerabilities, how an attacker might exploit them, and how to avoid them in your Python websites.

1. Course Overview

1. Course Overview

2. Secure Coding Principles

1. Secure Coding and the OWASP Top 10

2. Secure Coding Guidelines

3. Injection Flaws

1. Understanding Injection Flaws

2. Attacking and Defending SQL Injection

3. Attacking and Defending Operating System Command Injection

4. Demo - Defending Against Injection Attacks in Python

4. Broken Authentication

1. Authentication Components

2. Handling Passwords

3. Password Guessing

4. Demo - Password Guessing Defense

5. Credential Stuffing

6. Demo - Credential Stuffing

7. Demo - Time-based One-time Passwords

8. Further Time-based One-time Password Security

5. Sensitive Data Exposure

1. Data Sensitivity

2. Areas of Data Exposure

3. Demo - Protecting Sensitive Data

6. XML External Entities (XXE)

1. XXE Attacks

2. Demo - XXE Attack and Defense

7. Broken Access Control

1. Understanding Authorization

2. Access Control with Role-based Access

3. Demo - Implementing Role-based Access

8. Security Misconfiguration

1. Areas of Misconfiguration

2. Common Misconfigurations

3. Demo - Fixing Common Misconfigurations

9. Cross-Site Scripting (XSS)

1. Understanding Cross-Site Scripting

2. Types of XSS

3. XSS Defenses

4. Demo - XSS Defenses

10. Insecure Deserialization

1. Understanding Deserialization

2. Types of Deserialization Vulnerability

3. Demo - Correcting Deserialization Issues

11. Using Components with Known Vulnerabilities

1. Understanding Known Vulnerabilities

2. Demo - Detecting Known Vulnerabilities

12. Insufficient Logging and Monitoring

1. Understanding Logging and Monitoring

2. Demo - Logging Authentication Actions

3. Demo - Logging Authorization Actions

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight