Video Description

This lesson starts out with a definition of how application functions related to authentication and session management are often not implemented correctly, which allow attackers to access other's information and assume their identity. Participants in this lesson learn about threat agents, attack vectors as well as security weaknesses. The instructor also discusses types of attacks such as: • The session fixation attack (cookie security) • Brute Force Attacks (password management) Participants also learn about A2-Broken authentication and session management samples and session fixation vulnerabilities. Finally, participants learn about the gmail cookie stealing and hijacking which occurred in 2011 as well as some sample code that is Java non-compliant as well as an example that is Java compliant.

Course Modules

Secure Coding