OWASP Proactive Controls

Category: Software
Level: Beginner
Lessons: 32
Duration: 2h 51m 08s
Last Updated: 2018-09-25
We will begin this course by showing you the OWASP Top 10 Proactive Controls, their history, and how to find the project on the OWASP website. We will discuss how to verify security, parameterize queries, encode data, and validate inputs. Here, we will also show you how to implement identity and authentication controls, including session management, federation, password management tools, and identity repositories.

We will then learn how to implement access tools and protect data. We will discuss logging and intrusion detection, which includes tips on proper application logging and suggestions on how to implement intrusion detection into your source code.

We will conclude with security frameworks and exception handling, such as leveraging security frameworks and libraries. You will also learn best practices in error and exception handling, especially exiting out of error conditions in a secure way.
OWASP Proactive Controls - Module 01 - Controls 1-5
Topic A: Overview - Part 1
3 lessons, 14m 45s
Topic B: Verify Security - Part 1
3 lessons, 14m 37s
Topic C: Parameterize Queries - Part 1
3 lessons, 31m 29s
Topic D: Encode Data - Part 1
3 lessons, 18m 25s
Topic E: Validate Inputs - Part 1
3 lessons, 14m 45s
OWASP Proactive Controls - Module 02 - Controls 6-10
Robert Hurlbut, CSSLP
I'm an independent software security consultant, software architect, and trainer. I help teams solve problems, learn best approaches, and find success in software security, software architecture, and software development. I have experience in threat modeling, secure code review, cloud security, and development in .NET and Java. My work has spanned many industries, including healthcare, government, telecommunications, manufacturing, finance, and education. I'm a Microsoft MVP for Developer Security, an (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP), and I'm an active member of the Information Systems Security Association (ISSA) - MA:New England Chapter, and OWASP and OWASP, Boston Chapter.
Robert Hurlbut, CSSLP, Software Security Architect and Trainer