Owasp Api Security Top 10 - With Nodejs Code Samples.

Posted By: ELK1nG

Owasp Api Security Top 10 - With Nodejs Code Samples.
Published 11/2023
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.20 GB | Duration: 3h 7m

Mastery of OWASP API Security 2023: Uncover vulnerabilities, adopt countermeasures, and safeguard your APIs.

What you'll learn

Introduction to API Security

Understanding OWASP API Security Risks: A detailed exploration of the Open Web Application Security Project (OWASP) API Security Top 10 risks for the year 2023.

Risk Mitigation Strategies: Students will learn various techniques and best practices for mitigating each of the OWASP API security risks covered in the course.

Building Secure APIs: Students will gain practical insights into designing and developing secure APIs from scratch.

opics covered include input validation, data encryption, secure error handling, logging and monitoring practices

Requirements

Basic knowledge of APIs and CRUD operation.

Basic Understanding of API Authentication & Authorization using AUTH Tokens

Description

In this comprehensive course, we dive deep into the OWASP Top Ten - API Security Risks 2023 and explore real-world examples to understand the critical security challenges faced by modern web applications. With the increasing reliance on APIs for data sharing and communication between applications, it is crucial for developers and security professionals to be well-versed in the threats and vulnerabilities associated with API security.Throughout the course, we will examine each of the API security risks listed in the OWASP Top Ten 2023, providing in-depth analysis and practical insights. By studying real-world examples, participants will gain a solid understanding of the potential risks and their impact on the security posture of APIs.Key Topics Covered:1. Broken Object Level Authorization2. Broken Authentication3. Broken Object Property Level Authorization4. Unrestricted Resource Consumption5. Broken Function Level Authorization6. Unrestricted Access to Sensitive Business Flows7. Server Side Request Forgery8. Security Misconfiguration9. Improper Inventory Management10. Unsafe Consumption of APIsCourse Format and Learning Methods:- Interactive lectures with real-world examples and case studies- Hands-on exercises and demonstrations to reinforce concepts- Group discussions and collaborative problem-solving activities- Q&A sessions and open forums for participant engagement- Access to additional resources, reference materials, and tools for further explorationBy the end of this course, participants will have a comprehensive understanding of the OWASP Top Ten - API Security Risks 2023 and the necessary skills to effectively assess, mitigate, and protect APIs from potential vulnerabilities. They will be equipped with practical knowledge and best practices to implement secure API architectures, conduct security assessments, and ensure the overall integrity of their applications.Who should attend:- Software developers and engineers- Security professionals and analysts- IT managers and administrators- Web application testers and quality assurance specialistsJoin us in this immersive course as we delve into the world of API security risks and empower ourselves with the knowledge and expertise needed to build robust and secure applications.

Overview

Section 1: Introduction

Lecture 1 Welcome

Lecture 2 About OWASP

Lecture 3 Sample (hands-on) Application Overview

Section 2: OWASP API Security Top 10 Risks - 2023

Lecture 4 Intro

Lecture 5 JSON Web Token Authentication Flow

Lecture 6 Broken Object Level Authorization

Lecture 7 Broken Object Level Authorization- Identify & Fix (hands-on)

Lecture 8 Broken Authentication

Lecture 9 Broken Authentication - Identify & Fix (hands-on)

Lecture 10 Broken Object Property Level Authorization - Intro

Lecture 11 Broken Object Property Level Authorization - Identify & Fix (hands-on)

Lecture 12 Unrestricted Resource Consumption - Intro

Lecture 13 Unrestricted Resource Consumption - Identify & Fix (hands-on)

Lecture 14 Broken Function Level Authorization - Intro

Lecture 15 Broken Function Level Authorization - Identify & Fix (hands-on)

Lecture 16 Unrestricted Access to Sensitive Business Flows - Intro

Lecture 17 Unrestricted Access to Sensitive Business Flows - Identify & Fix (hands-on)

Lecture 18 Server Side Request Forgery (SSRF) - Intro

Lecture 19 Server Side Request Forgery (SSRF) - Identify & Fix (hands -on)

Lecture 20 Security Misconfiguration - Intro

Lecture 21 Security Misconfiguration - Identify & Fix (hands -on)

Lecture 22 Improper Inventory Managment - Intro

Lecture 23 Improper Inventory Managment - Identify & Fix (hands -on)

Lecture 24 Unsafe Consumption of APIs - Intro

Lecture 25 Unsafe Consumption of APIs - Identify & Fix (hands -on)

developer,an architect,a security professional,someone eager to enhance their understanding of API security