OWASP Top 10
ditechsolutions.com
Business & Industrial / Advertising & Marketing

OWASP Top 10

$250.00
{{option.name}}: {{selected_options[option.position]}}
{{value_obj.value}}
Store Logo

DiTech Solutions

View Store

h3 strong, strong { color: blue; } Course Overview The Open Web Application Security Project (OWASP) provides an ongoing list of the Top 10 security flaws that have enabled many successful cyberattacks over the past few years. The list is a great starting place for setting your cybersecurity training agenda in 2020, not only for your security team, but also for your web application developers and DevOps teams. Here is the current OWASP top 10 list. Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Security Misconfiguration Cross-Site Scripting (XSS) Insecure Deserialization Using Components with Known Vulnerabilities Insufficient Logging and Monitoring To help you create that training plan, we have mapped our DiTech Solutions Training Modules to OWASP's Top Ten List. As you would expect, of the three DiTech Solutions training tracks, Web Application Security (WASE), Security Operations (SOC), and DevOps, the majority of training falls under web application security, with a few falling under security operations. We offer coverage to 90% of OWASP's 2019 Top 10 List. Here is our coverage Injection Wase - Blind Command Injection: Find & Exploit (NodeJS) Wase - Blind Command Injection: Fix (NodeJS) Wase - Blind NoSQL Injection: Find & Exploit (Meteor) Wase - Blind SQL Injection: Find & Exploit (PHP) Wase - Command Injection: Find & Exploit (PHP) Wase - Command Injection: Fix (PHP) Wase - NoSQL Injection 1: Exploit Wase - NoSQL Injection 1: Find Wase - NoSQL Injection 1: Fix Wase - NoSQL Injection 2: Exploit Wase - NoSQL Injection 2: Fix Wase - SQL Injection: Authentication Bypass Wase - SQL Injection: Prelude Wase - SQL Injection: Union Select Sensitive Data Exposure Wase - XML External Entity (Java) Security Misconfiguration Currently no direct coverage Broken Authentication Wase - Cookie Security: HttpOnly: Find & Exploit (NodeJS) Wase - Cookie Security: HttpOnly: Find & Exploit (PHP) Wase - Cookie Security: HttpOnly: Fix (NodeJS) Wase - Cookie Security: HttpOnly: Fix (PHP) Wase - Cookie Security: Secure: Find & Exploit (NodeJS Wase - Cookie Security: Secure: Find & Exploit (PHP) Wase - Cookie Security: Secure: Fix (NodeJS) Wase - Cookie Security: Secure: Fix (PHP) Sensitive Data Exposure Wase - Unrestricted File Upload: Find & Exploit (NodeJS) Wase - Unrestricted File Upload: Fix (NodeJS) Wase - Cookie Security: Secure: Find & Exploit (NodeJS) Wase - Cookie Security: Secure: Find & Exploit (PHP) Wase - Cookie Security: Secure: Fix (NodeJS) Wase - Cookie Security: Secure: Fix (PHP) DiTech Solutions constantly adds new modules and we will update this mapping every quarter. Please check with your DiTech Solutions account representative to make sure you have the most up-to-date mapping. If you need support in developing your training plan, or want to test drive a few of these modules, reach out and ask. Cross-site Scripting Wase - DOM-based XSS: Fix (JavaScript) Wase - XSS Filter Evasion: Find & Exploit (PHP) Wase - XSS Filter Evasion: Fix (PHP) Wase - XSS: Reflected Wase - XSS: Stored Wase - XSS: Stored-based Phishing Insecure Deserialization Wase - Insecure Deserialization (Java) Using Components with Known Vulnerabilities SOC - Docker RunC Container Escape SOC - Privilege Escalation: Kernel Exploit (Dirty Cow) SOC Challenge - Uncontained SOC Challenge - Webmin Insufficient Logging and Monitoring Wase - XSS Filter Evasion: Find & Exploit (PHP) Wase - XSS Filter Evasion: Fix (PHP) Security Tools - Brute-force Defense SOC - IDS/IPS: Suricata Basics SOC - IDS/IPS: Suricata IDS Rules SOC - IDS/IPS: Suricata Rule Management Broken Access Control Wase - Insecure Direct Object Reference 2: Exploit Wase - Insecure Direct Object Reference 2: Fix Wase - Insecure Direct Object Reference: Find & Exploit (NodeJS) Wase - Insecure Direct Object Reference: Find & Exploit (PHP) Wase - Insecure Direct Object Reference: Fix (NodeJS) Wase - Insecure Direct Object Reference: Fix (PHP) Wase - Path Traversal: Find & Exploit (NodeJS) Wase - Path Traversal: Find & Exploit (PHP) Wase - Path Traversal: Fix (NodeJS) Wase - Path Traversal: Fix (PHP) Wase - JSON Web Token Security Wase Challenge - JWT 1 Wase Challenge - JWT 2 Wase Challenge - JWT 3 Wase - API Security: Exposed Tokens Wase - Cookie Security: HttpOnly: Find & Exploit (NodeJS) Wase - Cookie Security: HttpOnly: Find & Exploit (PHP) Wase - Cookie Security: HttpOnly: Fix (NodeJS) Wase - Cookie Security: HttpOnly: Fix (PHP) Wase - Cookie Security: Secure: Find & Exploit (NodeJS) Wase - Cookie Security: Secure: Find & Exploit (PHP) Wase - Cookie Security: Secure: Fix (NodeJS) Wase - Cookie Security: Secure: Fix (PHP) About OWASP OWASP is a worldwide nonprofit organization that focuses on improving software security. The main mission of OWASP is to ensure that software security is visible, and to provide insights and tools to help improve application security globally. Open Web Application Security Project, OWASP, Global AppSec, AppSec Days, AppSec California, SnowFROC, LASCON, and the OWASP logo are trademarks of the OWASP Foundation. Copyright 2020, OWASP Foundation, Inc.

Show More Show Less