Training Course

OWASP: Proactive Controls

Browse All Courses > Security

Have a question while you're learning?

Get in-depth explanations, tips, further insights, and more from Certified Experts. Our experts are vetted industry professionals eager to help you learn from their experiences.

Course Syllabus(32 Lessons)

OWASP Proactive Controls - Module 01 - Controls 1-5
Topic A: Overview - Part 1
3 lessons14m 47s
Topic B: Verify Security - Part 1
3 lessons14m 39s
Topic C: Parameterize Queries - Part 1
3 lessons31m 30s
Topic D: Encode Data - Part 1
3 lessons18m 27s
Topic E: Validate Inputs - Part 1
3 lessons14m 46s
OWASP Proactive Controls - Module 02 - Controls 6-10

Course Description

We will begin this course by showing you the OWASP top 10 proactive controls, its history, and how to find the project on the OWASP website. We will discuss how to verify security, parameterized queries, encode data, and validate inputs. Here, we will also show you how to implement identity and authentication controls, including session management, federation, password management tools, and identity repositories.

We will then learn how to implement access tools and protect data. We will discuss logging and intrusion detection, which includes tips on proper application logging and suggestions on how to implement intrusion detection into your source code.

We will conclude with security frameworks and exception handling, such as leveraging security frameworks and libraries. You will also learn best practices in error and exception handling, especially exiting out of error conditions in a secure way.

Course Details

2h 51m 21s


Robert Hurlbut, CSSLP
I'm an independent software security consultant, software architect, and trainer. I help teams solve problems, learn best approaches, and find success in software security, software architecture, and software development. I have experience in threat modeling, secure code review, cloud security, and development in .NET and Java. My work has spanned many industries, including healthcare, government, telecommunications, manufacturing, finance, and education. I'm a Microsoft MVP for Developer Security, an (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP), and 'm an active member of the Information Systems Security Association (ISSA) - MA:New England Chapter, and OWASP and OWASP, Boston Chapter.
Robert Hurlbut, CSSLPSoftware Security Architect and Trainer

Share Course

Ready to get started?