Free course in web security offered by Microsoft and LinkedIn
Free web security course details:
Learn about the top security concerns when developing websites, and what you can do to keep your servers, software and data safe from harm.
Coach Kevin Skoglund explains what motivates hackers and their most common attack methods, then details the techniques and mindset needed to craft solutions to these web security challenges. Learn the eight fundamental principles that underlie all security efforts, the importance of filtering inputs and controlling outputs, and how to defend against the most common types of attacks.
This course is essential for developers who want to secure their websites and for anyone else who wants to learn more about web security
Lecturer:
Kevin Skoglund
Kevin is the author of lynda.com with over 15 years teaching and web development.
Contents of the web security course:
The importance of security
What is security?
Why security matters
What is a hacker?
Threat Models
Total security is not achievable
Simplicity is safer
Never trust users
Expect the unexpected
Security through obscurity
Decline lists and allow lists
Organizing requests
Entry validation
Data sterilization
Keep credentials private
Smart recording
Types of dependency attacks
Strong passwords
Process URL and Insecure Direct Object Reference (IDOR)
SQL injection
Cross-site scripting (XSS)
Cross-site order fraud (CSRF)
Request protection through the site
Seeing cookies and theft
Session hijacking
Remote code execution
File upload misuse
Denial of service
Business cycles