Free

OWASP Top 10 - A08:2021 - Software and Data Integrity Failures

The OWASP Top 10 features the most critical web application security vulnerabilities. In this part, A08: Software and Data Integrity Failures, you'll take advice from a trusted offensive security professional on how to implement best practices for data and software integrity verification and risk mitigation.
2
37
M
Time
intermediate
difficulty
3
ceu/cpe

Course Content

Lab: Software and Data Integrity Failures

0m

A08-Software and Data Integrity Failures
Scenario: The SolarWinds Breach

10m

A08-Software and Data Integrity Failures
Demo: Software and Data Integrity Failures

13m

A08-Software and Data Integrity Failures
Overview: Software and Data Integrity Failures

12m

A08-Software and Data Integrity Failures
Course Description

Our newest OWASP courses contain exclusive content updates for the September 2021 version of the OWASP Top 10 list.

OWASP Top 10 - A08:2021 - Software and Data Integrity Failures

In the A08: Software and Data Failures course, you’ll be introduced to this new category on the OWASP Top 10 list, which was renamed from Insufficient Logging and Monitoring. Learn about how such flaws can allow adversaries to exploit critical vulnerabilities and live inside of victim systems for long periods of time. Such was the case in the massive SolarWinds breach that impacted more than 18,000 customers, including government agencies and some of the largest global corporations. Learn how to identify, exploit, and mitigate such attacks in this hands-on course.

Who should take this course?

Our OWASP Top 10 course is designed for an intermediate-level learner, someone who is a seasoned offensive security professional, SOC analyst, or Windows system administrator who wants to know how to exploit and protect against the latest vulnerabilities impacting enterprise systems.

What are the prerequisites for this course?

You will gain the most benefit from this course if you have a basic understanding of: web applications, programming languages, web browsers, and web application hacking.

Why should I take this course?

The Open Web Application Security Project (OWASP) is a non-profit organization focused on web security. The OWASP Top 10 features the most critical web application security vulnerabilities. Our course gives you the knowledge needed to identify, exploit, and offer remediation suggestions for these vulnerabilities.

What makes this course different from other courses on similar topics?

This course is available on the Cybrary platform in a series of installments. Along with an introductory module, each of the subsequent 10 modules are contained separately as installments of the course series. The multimodal design allows for more self-paced, customizable learning. Our on-demand format affords you the flexibility to learn at your own pace.

This course was developed by Clint Kehr, who is a technical manager for a financial services company’s Responsible Disclosure Team, where he interacts with ethical hackers who find vulnerabilities in the company’s infrastructure. Clint is a former Special Agent with the Department of Justice where he specialized in internet investigations and conducted numerous cases on cyber threat actors on the surface, deep, and dark web, resulting in Clint earning the Attorney General’s Distinguished Service Award. Clint has trained over 1,000 law enforcement officers, prosecutors, and civilians on the dark web and dark market websites. Clint has a master’s degree in intelligence studies from American Military University where he graduated with honors and also has a master’s degree in Information Technology from Carnegie Mellon University where he graduated with highest distinction. As a former Navy Reserve Officer, Clint served in many roles, such as a division officer and department head for commands in the information warfare community.

Why should I take this course on Cybrary and not somewhere else?

Cybrary is the first cybersecurity education platform to release exclusive, updated course content for the new OWASP Top 10 list that was released on September 24th, 2021. The list has been significantly revised since the release of the last 2017 top 10 list, as the new list combines, reorders, and adds new web application vulnerabilities. OWASP has focused on more data-centered research in their creation of the new top 10 list.

This Cybrary OWASP Top 10 (2021) course includes:

  • Engaging video overview lessons that summarize each category and list of CVEs covered, as well as describe how the category in the 2021 list is distinctive from how the category was presented in the 2017 list
  • Written scenarios that highlight the relevance of the OWASP Top 10 web application vulnerabilities in real-world ransomware attacks and data breaches, including the 2020 SolarWinds breach. You will gain insights of the history and significance of these incidents.
  • Custom hands-on labs that allow you to identify, exploit, and mitigate these critical vulnerabilities, as well as offer remediation advice to clients.

    This course is part of a Career Path:
    No items found.

    Instructed by

    Senior Instructor
    Clint Kehr

    Clint is a technical manager for a financial services company’s Responsible Disclosure Team, where he interacts with ethical hackers who find vulnerabilities in the company’s infrastructure. Clint is a former Special Agent with the Department of Justice where he specialized in internet investigations and conducted numerous cases on cyber threat actors on the surface, deep, and dark web, resulting in Clint earning the Attorney General’s Distinguished Service Award. Clint has trained over 1,000 law enforcement officers, prosecutors, and civilians on the dark web and dark market websites. Clint has a master’s degree in intelligence studies from American Military University where he graduated with honors and also has a master’s degree in Information Technology from Carnegie Mellon University where he graduated with highest distinction. As a former Navy Reserve Officer, Clint served in many roles, such as a division officer and department head for commands in the information warfare community.

    Provider
    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a OWASP Top 10 - A08:2021 - Software and Data Integrity Failures Certificate of Completion