Introduction to the OWASP API Security Top 10
The Introduction to the OWASP API Security Top 10 course will teach students why API security is needed. Students will get a brief refresher on the CIA triad and AAA, then move into learning about the OWASP Top 10 from an API security perspective.
Students will learn about broken object level authorization, broken authentication, excessive data exposure, lack of resources and rate limiting, broken function level authorization, mass assignment, security misconfigurations, injection attacks, improper asset management, and insufficient logging and monitoring.
This course is targeted towards software engineers, but anyone can take the course.
It is recommended that students have some software development experience and/or experience in at least one programming language, but coding skills are not required to complete this course.
By the end of this course, students should be able to:
- Understand the OWASP API Security Top 10
- Understand how to mitigate the OWASP Top 10
- Understand why API security is important
Complete this entire course to earn a Introduction to the OWASP API Security Top 10 Certificate of Completion
This module for the Introduction to OWASP Top Ten Module covers A6: Security Misconfiguration.
This module for the Introduction to OWASP Top Ten Module covers A1: Injection.