Part 1 Intro

Video Activity

This brief lesson introduces participants to the agenda of this module which will cover: Definition, Sample Code and Case study Demos: IDOR w/ files, IDOR with URLs, both show mitigation with tokenization Mitigations, countermeasures and defenses Lab and lab solutions

Join over 3 million cybersecurity professionals advancing their career

Sign up with

or

Already have an account? Sign In »

Course

Time

9 hours 31 minutes

Difficulty

Intermediate

CEU/CPE

10

Video Description

This brief lesson introduces participants to the agenda of this module which will cover: Definition, Sample Code and Case study Demos: IDOR w/ files, IDOR with URLs, both show mitigation with tokenization Mitigations, countermeasures and defenses Lab and lab solutions

Video Transcription

00:04

Hello and welcome to the cyber very secure coding course my name Miss anywhere. And this is a loss top 10 for 2013 a four

00:16

insecure direct object reference now for our agenda. We are, of course, going to go through our definition for insecure, direct object reference. We're also going to take a look at some of the attacks that are possible when this flaw is present.

00:35

We'll also look at a case study

00:37

and then we'll have two demos, one that shows indirect object reference in regards to working with files

00:46

and then another in regards to working with you R l's. Now I will show token ization as a mitigation for both of these. In the demo,

00:57

we're gonna follow that up with our defense is countermeasures in mitigation section and then wrap up the module with our lab in lab solution.

Up Next

Part 2 Explanations

Part 3 IDOR files tokens Demo

Part 4 IDO urls tokens Demo

Part 5 Defenses

Part 6 Lab Solutions

Secure Coding

In the Secure Coding training course, Sunny Wear will show you how secure coding is important when it comes to lowering risk and vulnerabilities. Learn about XSS, Direct Object Reference, Data Exposure, Buffer Overflows, & Resource Management.

Instructed By

Similar Content

OWASP

Established in 2001, the Open Web Application Security Project (OWASP) offers free security tools and ...

12 CEU/CPE Hours Available

Certificate of Completion Offered

Python Coding - Basic

Python Coding - Basic

The Python Coding - Basic test is a premium Cybrary assessment test created by Interview ...

Interview Mocha

Intro to Python

Intro to Python

This is an introductory course on Python for cyber security, giving students the ability to ...

3 CEU/CPE Hours Available

Certificate of Completion Offered