Farin Company specialist website

Secure Coding with OWASP in Django 4

Course syllabus

This course will teach you how to use and implement the OWASP ASVS standards to write code that’s secure against malicious attacks.


1. Course Overview
  • 1. Course Overview

2. Secure Coding with OWASP
  • 1. Course Introduction
  • 2. OWASP ASVS - Introduction
  • 3. Architecture, Design, and Threat Modeling

3. Authentication
  • 1. Authentication
  • 2. Demo - Setup User Authentication
  • 3. Demo - Good Password Practices
  • 4. Demo - Two-factor Authentication
  • 5. Demo - Password Reset
  • 6. Demo - Protect Against Automation Attacks

4. Secure Sessions
  • 1. Secure Sessions in Django
  • 2. Cookie-based Session Management
  • 3. Session Lifecycle
  • 4. Step-up Authentication
  • 5. Summary

5. Access Control
  • 1. Introduction to Access Control
  • 2. Role-based Access Control
  • 3. Access Control with Groups
  • 4. How Does CSRF Attack Work
  • 5. Anti-CSRF Mechanism in Django
  • 6. Summary

6. Validation, Sanitization, and Encoding
  • 1. Introduction to Input Validation
  • 2. Validation and Sanitization of Form Data
  • 3. Protecting from SQL Injection Attacks
  • 4. Protecting from OS Injection Attacks
  • 5. Insecure Deserialization of Data

7. Protecting Sensitive Data
  • 1. Protecting Sensitive Data Using Django
  • 2. Demo - Encrypt Sensitive Data in Cookies
  • 3. Demo - Encrypt Sensitive Data in Database
  • 4. Demo - Cleanup Data from the Browser
  • 5. Demo - Users Privacy and Consent Workflow
  • 6. Demo - Sending Data in GET vs POST Requests
  • 7. Demo - Enforce Secure Protocols for Data in Transit
  • 8. Summary

8. Error Handling and Logging
  • 1. Introduction to Error Handling and Logging
  • 2. How to Prevent Logging Sensitive Information
  • 3. Obfuscating Sensitive Information
  • 4. Logging Security Incidents
  • 5. Error Handling Without Leaking Critical Information
  • 6. Summary

09. Hardening Configuration to Protect against Malicious Code
  • 01. Impact of Malicious Code on an App
  • 02. Verify Dependency Packages
  • 03. Detect Outdated and Vulnerable Packages
  • 04. Generate SRI Hashes for JS Dependencies
  • 05. Hardening Configuration in Production
  • 06. Disable Debug Features in Production
  • 07. Block Sensitive Information from Headers
  • 08. Set Appropriate Security Headers
  • 09. Validate HTTP Requests
  • 10. Summary

10. Business Logic Security
  • 1. Vulnerabilities in Business Logic
  • 2. Adhere to Business Logic Flows
  • 3. Rate Limiting on Business Actions
  • 4. Summary

11. Securing Third-party Files
  • 1. How Can Untrusted Files Prove Harmful
  • 2. Limit the Size of File Being Uploaded
  • 3. Validate Filename and Scan for Virus
  • 4. Store Files Securely
  • 5. What Is a SSRF Attack
  • 6. Prevent SSRF Attacks
  • 7. Summary

12. API and Web Services
  • 1. API and Web Services
  • 2. Demo - Securing APIs
  • 3. Demo - Validate JSON Schema
  • 4. Summary

    139,000 Toman
    ID: 18217
    Size: 448 MB
    Duration: 188 minutes
    Publication date: 31 Mordad 1402