Name: Introduction to the OWASP API Security Top 10
Rating: 4.75 (4 reviews)

Create Free Account

NEED TO TRAIN YOUR TEAM? LEARN MORE

Time

1 hour 43 minutes

Difficulty

Beginner

CEU/CPE

The Introduction to the OWASP API Security Top 10 course will teach students why API security is needed. Students will get a brief refresher on the CIA triad and AAA, then move into learning about the OWASP Top 10 from an API security perspective.

Create Free Account

NEED TO TRAIN YOUR TEAM? LEARN MORE

Already have an account? Sign In »

Introduction

2.1Security Fundamentals

2.2Who is OWASP?

2.3A1: Broken Object Level Authorization

2.4A2: Broken Authentication

2.5A3: Excessive Data Exposure

2.6A4: Lack of Resource and Rate Limiting

2.7A5: Broken Function Level Authorization

2.8A6: Mass Assignment

2.9A7: Security Misconfiguration

2.10Security Misconfiguration Lab Part 1

2.11Security Misconfiguration Lab Part 2

25m

2.12Introduction To OWASP Top Ten: A6 - Security Misconfiguration - Scored

Virtual Lab

2.13A8: Injection

2.14Improper Assets Management

2.15A10: Insufficient Logging and Monitoring

2.16Insufficient Logging and Monitoring Lab

25m

2.17Introduction To OWASP Top Ten: A10 - Insufficient Logging and Monitoring - Scored

Virtual Lab

3.1Conclusion

Students will learn about broken object level authorization, broken authentication, excessive data exposure, lack of resources and rate limiting, broken function level authorization, mass assignment, security misconfigurations, injection attacks, improper asset management, and insufficient logging and monitoring.

Target Audience

This course is targeted towards software engineers, but anyone can take the course.

Prerequisites

It is recommended that students have some software development experience and/or experience in at least one programming language, but coding skills are not required to complete this course.