COURSE

OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures

Course

The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A09: Security Logging and Monitoring Failures, you'll take advice from a trusted offensive security professional on how to implement best practices for developing security logging and monitoring solutions at your organization.
Full access included with 
Insider Pro
 and 
Teams

2

H

4

M
Time

intermediate

i
Designed for learners who have no prior work experience in IT or Cybersecurity, but are interested in starting a career in this exciting field.
Designed for learners with prior cybersecurity work experience who are interested in advancing their career or expanding their skillset.
Designed for learners with a solid grasp of foundational IT and cybersecurity concepts who are interested in pursuing an entry-level security role.
Experience Level

2

i

Earn qualifying credits for certification renewal with completion certificates provided for submission.
CEU's

Enrollees

Learners at 96% of Fortune 1000 companies trust Cybrary

About this course

Read More

Skills you'll gain

Course Outline

1
A09-Security Logging and Monitoring Failures
1
H
1
Min
1
A09-Security Logging and Monitoring Failures
1
H
1
Min

Overview: Security Logging and Monitoring Failures

Free

5m

Understanding Security Logging and Monitoring Failures

Free

7m

Demo: Security Logging and Monitoring Failures

Free

4m

Scenario: The OPM Hack

Free

15m

Lab: OWASP Mutillidae Practice

Free

30m

Course Description

Our newest OWASP courses contain exclusive content updates for the September 2021 version of the OWASP Top 10 list.

OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures

In the A09: Security Logging and Monitoring Failures course, you’ll be introduced to this revised category on the OWASP Top 10 list, which was renamed from Insufficient Logging and Monitoring. Learn about all of the new types of failures included in this category and what the CVE/CVSS data shows us. Discover how adversaries can take advantage of security logging and monitoring failures to gain access to sensitive data, which is why strong log analysis and detection tools are important. Research on this category reveals a need for organizations to develop best practices and incident response plans that sufficiently consider security logging and monitoring failures.

Who should take this course?

Our OWASP Top 10 course is designed for someone who is a seasoned offensive security professional, SOC analyst, or Windows system administrator who wants to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.

What are the prerequisites for this course?

You will gain the most benefit from this course if you have a basic understanding of: web applications, programming languages, web browsers, and web application hacking.

Why should I take this course?

The Open Web Application Security Project (OWASP) is a non-profit organization focused on web security. The OWASP Top 10 features the most critical web application security vulnerabilities. Our course gives you the knowledge needed to identify, exploit, and offer remediation suggestions for these vulnerabilities.

What makes this course different from other courses on similar topics?

This course is available on the Cybrary platform in a series of installments. Along with an introductory module, each of the subsequent 10 modules are contained separately as installments of the course series. The multimodal design allows for more self-paced, customizable learning. Our on-demand format affords you the flexibility to learn at your own pace.

This course was developed by Clint Kehr, who is a senior technical manager for a financial services company’s Responsible Disclosure Team, where he interacts with ethical hackers who find vulnerabilities in the company’s infrastructure. Clint is a former Special Agent with the Department of Justice where he specialized in internet investigations and conducted numerous cases on cyber threat actors on the surface, deep, and dark web, resulting in Clint earning the Attorney General’s Distinguished Service Award. Clint has trained over 1,000 law enforcement officers, prosecutors, and civilians on the dark web and dark market websites. Clint has a master’s degree in intelligence studies from American Military University, where he graduated with honors. He also has a master’s degree in Information Technology from Carnegie Mellon University, where he graduated with highest distinction. As a former Navy Reserve Officer, Clint served in many roles, such as a division officer and department head for commands in the information warfare community

Why should I take this course on Cybrary and not somewhere else?

Cybrary is the first cybersecurity education platform to release exclusive, updated course content for the new OWASP Top 10 list that was released on September 24th, 2021. The list has been significantly revised since the release of the last 2017 top 10 list, as the new list combines, reorders, and adds new web application vulnerabilities. OWASP has focused on more data-centered research in their creation of the new top 10 list.

Our OWASP courses are lightly theoretical and heavily hands-on. We keep the lectures short and give you the tools and secure virtual environments where you will enjoy capture-the-flag style training exercises. These labs allow you to actively practice and demonstrate your skills in penetration testing. Our courses make you better prepared for handling security incidents in the real world.

This Cybrary OWASP Top 10 (2021) course includes:

  • Engaging video overview lessons that summarize each category and list of CVEs covered, as well as describe how the category in the 2021 list is distinctive from how the category was presented in the 2017 list
  • Written scenarios that highlight the relevance of the OWASP Top 10 web application vulnerabilities in real-world ransomware attacks and data breaches, including the 2015 U.S. Office of Personnel Management data breach, the 2021 Colonial Pipeline Hack, and the 2017 Equifax Breach. You will gain insights of the history and significance of these incidents, as well as learn the tactics and techniques used by adversaries.
  • A custom virtual lab environment where you can practice the skills you've learned using the OWASP Mutillidae web application

    Train Your Team

    Cybrary’s expert-led cybersecurity courses help your team remediate skill gaps and get up-to-date on certifications. Utilize Cybrary to stay ahead of emerging threats and provide team members with clarity on how to learn, grow, and advance their careers within your organization.

    Included in a Path

    Instructors

    Clint Kehr
    Ethical Hacker
    Read Full Bio
    Learn

    Learn core concepts and get hands-on with key skills.

    Practice

    Exercise your problem-solving and creative thinking skills with security-centric puzzles

    Prove

    Assess your knowledge and skills to identify areas for improvement and measure your growth

    Get Hands-on Learning

    Put your skills to the test in virtual labs, challenges, and simulated environments.

    Measure Your Progress

    Track your skills development from lesson to lesson using the Cybrary Skills Tracker.

    Connect with the Community

    Connect with peers and mentors through our supportive community of cybersecurity professionals.

    Success from Our Learners

    "Cybrary really helped me get up to speed and acquire a baseline level of technical knowledge. It offers a far more comprehensive approach than just learning from a book. It actually shows you how to apply cybersecurity processes in a hands-on way"

    Don Gates

    Principal Systems Engineer/SAIC

    "Cybrary’s SOC Analyst career path was the difference maker, and was instrumental in me landing my new job. I was able to show the employer that I had the right knowledge and the hands-on skills to execute the role."

    Cory

    Cybersecurity analyst/

    "I was able to earn my CISSP certification within 60 days of signing up for Cybrary Insider Pro and got hired as a Security Analyst conducting security assessments and penetration testing within 120 days. This certainly wouldn’t have been possible without the support of the Cybrary mentor community."

    Mike

    Security Engineer and Pentester/

    "Cybrary really helped me get up to speed and acquire a baseline level of technical knowledge. It offers a far more comprehensive approach than just learning from a book. It actually shows you how to apply cybersecurity processes in a hands-on way"

    Don Gates

    Principal Systems Engineer/SAIC

    "Cybrary’s SOC Analyst career path was the difference maker, and was instrumental in me landing my new job. I was able to show the employer that I had the right knowledge and the hands-on skills to execute the role."

    Cory

    Cybersecurity analyst/

    "I was able to earn my CISSP certification within 60 days of signing up for Cybrary Insider Pro and got hired as a Security Analyst conducting security assessments and penetration testing within 120 days. This certainly wouldn’t have been possible without the support of the Cybrary mentor community."

    Mike

    Security Engineer and Pentester/

    "Becoming a Cybrary Insider Pro was a total game changer. Cybrary was instrumental in helping me break into cybersecurity, despite having no prior IT experience or security-related degree. Their career paths gave me clear direction, the instructors had real-world experience, and the virtual labs let me gain hands-on skills I could confidently put on my resume and speak to in interviews."

    Cassandra

    Information Security Analyst/Cisco Systems

    "I was able to earn both my Security+ and CySA+ in two months. I give all the credit to Cybrary. I’m also proud to announce I recently accepted a job as a Cyber Systems Engineer at BDO... I always try to debunk the idea that you can't get a job without experience or a degree."

    Casey

    Cyber Systems Engineer/BDO

    "Cybrary has helped me improve my hands-on skills and pass my toughest certification exams, enabling me to achieve 13 advanced certifications and successfully launch my own business. I love the practice tests for certification exams, especially, and appreciate the wide-ranging training options that let me find the best fit for my goals"

    Angel

    Founder,/ IntellChromatics.

    OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures

    The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A09: Security Logging and Monitoring Failures, you'll take advice from a trusted offensive security professional on how to implement best practices for developing security logging and monitoring solutions at your organization.
    2
    4
    M
    Time
    intermediate
    difficulty
    2
    ceu/cpe

    Course Content

    Course Description

    Our newest OWASP courses contain exclusive content updates for the September 2021 version of the OWASP Top 10 list.

    OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures

    In the A09: Security Logging and Monitoring Failures course, you’ll be introduced to this revised category on the OWASP Top 10 list, which was renamed from Insufficient Logging and Monitoring. Learn about all of the new types of failures included in this category and what the CVE/CVSS data shows us. Discover how adversaries can take advantage of security logging and monitoring failures to gain access to sensitive data, which is why strong log analysis and detection tools are important. Research on this category reveals a need for organizations to develop best practices and incident response plans that sufficiently consider security logging and monitoring failures.

    Who should take this course?

    Our OWASP Top 10 course is designed for someone who is a seasoned offensive security professional, SOC analyst, or Windows system administrator who wants to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.

    What are the prerequisites for this course?

    You will gain the most benefit from this course if you have a basic understanding of: web applications, programming languages, web browsers, and web application hacking.

    Why should I take this course?

    The Open Web Application Security Project (OWASP) is a non-profit organization focused on web security. The OWASP Top 10 features the most critical web application security vulnerabilities. Our course gives you the knowledge needed to identify, exploit, and offer remediation suggestions for these vulnerabilities.

    What makes this course different from other courses on similar topics?

    This course is available on the Cybrary platform in a series of installments. Along with an introductory module, each of the subsequent 10 modules are contained separately as installments of the course series. The multimodal design allows for more self-paced, customizable learning. Our on-demand format affords you the flexibility to learn at your own pace.

    This course was developed by Clint Kehr, who is a senior technical manager for a financial services company’s Responsible Disclosure Team, where he interacts with ethical hackers who find vulnerabilities in the company’s infrastructure. Clint is a former Special Agent with the Department of Justice where he specialized in internet investigations and conducted numerous cases on cyber threat actors on the surface, deep, and dark web, resulting in Clint earning the Attorney General’s Distinguished Service Award. Clint has trained over 1,000 law enforcement officers, prosecutors, and civilians on the dark web and dark market websites. Clint has a master’s degree in intelligence studies from American Military University, where he graduated with honors. He also has a master’s degree in Information Technology from Carnegie Mellon University, where he graduated with highest distinction. As a former Navy Reserve Officer, Clint served in many roles, such as a division officer and department head for commands in the information warfare community

    Why should I take this course on Cybrary and not somewhere else?

    Cybrary is the first cybersecurity education platform to release exclusive, updated course content for the new OWASP Top 10 list that was released on September 24th, 2021. The list has been significantly revised since the release of the last 2017 top 10 list, as the new list combines, reorders, and adds new web application vulnerabilities. OWASP has focused on more data-centered research in their creation of the new top 10 list.

    Our OWASP courses are lightly theoretical and heavily hands-on. We keep the lectures short and give you the tools and secure virtual environments where you will enjoy capture-the-flag style training exercises. These labs allow you to actively practice and demonstrate your skills in penetration testing. Our courses make you better prepared for handling security incidents in the real world.

    This Cybrary OWASP Top 10 (2021) course includes:

  • Engaging video overview lessons that summarize each category and list of CVEs covered, as well as describe how the category in the 2021 list is distinctive from how the category was presented in the 2017 list
  • Written scenarios that highlight the relevance of the OWASP Top 10 web application vulnerabilities in real-world ransomware attacks and data breaches, including the 2015 U.S. Office of Personnel Management data breach, the 2021 Colonial Pipeline Hack, and the 2017 Equifax Breach. You will gain insights of the history and significance of these incidents, as well as learn the tactics and techniques used by adversaries.
  • A custom virtual lab environment where you can practice the skills you've learned using the OWASP Mutillidae web application

    This course is part of a Career Path:
    No items found.

    Instructed by

    Provider
    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a OWASP Top 10 - A09:2021 - Security Logging and Monitoring Failures Certificate of Completion