Secure Coding with OWASP in Go

سرفصل های دوره

Golang (Go) is used to build mission critical applications handling sensitive data. This course will teach you how to implement the most common security requirements and defenses recommended by OWASP in your Golong (Go) applications.

1. Course Overview

1. Course Overview

2. Software Security and Risk Principles

1. The Fundamentals of Software Security

2. Web Security and Go

3. OWASP the Open Web Application Security Project and Go

4. The OWASP Top 10

5. Go and the OWASP Top 10 Proactive Controls

6. Mapping Security Requirements with the OWASP ASVS

7. Demo - Forking and Customizing the ASVS GitHub Repository

8. Summary

03. Input Validation

01. Overview

02. Whitelisting

03. Boundary Checking

04. Character Escaping

05. Numeric Validation

06. Checking for Null Bytes

07. Checking for Newline Characters

08. Checking for Path Alteration Characters

09. Checking for Extended Utf8 Encoding

10. Summary

4. Output Encoding

1. Overview

2. An Intro to XSS

3. Types of XSS Attack

4. Demo - Preventing XSS Attacks with Output Encoding

5. SQL Injection

6. Summary

05. Authentication and Password Management

01. Overview

02. Introduction to Authentication

03. Types of Authentication

04. Common Authentication Protocols

05. Secure Communication Protocols

06. Password Security Best Practices

07. Password Storage Options

08. Demo - Single Factor Authentication

09. Password Policies

10. Password Reset Functionality

11. Demo - Multi Factor Authentication

12. Summary

6. Session Management

1. Overview

2. Session Management Controls

3. Secure Session Identifiers

4. Session Integrity

5. Tokens and Logout

6. Demo - Secure Session Management

7. Summary

7. Access Control

1. Overview

2. Files and Other Resources

3. Protected URLs

4. Protected Functions

5. Direct Object References

6. Services and Application Data

7. Data Attributes and Policy Information

8. Best Practices

9. Summary

8. Cryptographic Practices

1. Overview

2. Hashing

3. Demo - Hashing

4. Encryption

5. NaCL

6. Demo - Encryption

7. Cryptographic Practices

8. Summary

09. Error Handling and Logging

01. Overview

02. Error Handling

03. Effective Error Handling

04. Logging

05. Effective Logging

06. Logging Best Practices

07. Advanced Logging

08. More Best Practices

09. Ensuring Log File Integrity

10. Summary

10. Data Protection

1. Overview

2. Managing Sensitive Information

3. Scrubbing URLs

4. Information Is Power

5. Encryption Is the Key

6. Disable What You Dont Need

7. Cache Protection

8. Summary

11. Communication Security

1. Overview

2. HTTP TLS

3. Websockets

4. Summary

12. System Configuration

1. Overview

2. Demo - Directory Listings

3. Remove Disable What You Dont Need

4. Implement Better Security

5. Asset Management System

6. Summary

13. Database Security

1. Overview

2. Best Practices

3. Database Authentication

4. Database Connections

5. Parameterised Queries

6. Stored Procedures

7. Summary

14. File Management

1. Overview

2. Best Practices

3. Database Authentication

4. Database Connections

5. Parameterised Queries

6. Stored Procedures

7. Summary

15. General Coding Practices

1. Overview

2. Memory Management

3. Cross-site Request Forgery

4. Regular Expressions

5. Summary

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight