The OWASP Top 10 is a community-led, open-source document developed by the Open Web Application Security Project (OWASP) Foundation that identifies the most common web application threats and vulnerabilities and they have released the OWASP Top 10 2021 version. OWASP Top 10 provides a comprehensive guide on the top web application security, risks, impacts, and countermeasures.
This training will help the participants understand the new 2021 OWASP top 10 vulnerabilities and be able to use them to complete web penetration testing engagements.
Topics covered include:
- A01 Broken Access Control
- A02 Cryptographic Failures
- A03 Injection
- A04 Insecure Design
- A05 Security Misconfiguration
- A06 Vulnerable and Outdated Components
- A07 Identification and Authentication Failures
- A08 Software and Data Integrity Failures
- A09 Security Logging and Monitoring Failures
- A10 Server Side Request Forgery (SSRF)
Learning outcomes of the OWASP top 10 training
On completion of this course, the participants will be able to:
- Understand web technologies and how to use tools to interact with them.
- Be familiar with web-based attacks and how to leverage OWASP methodology.
- Understand the OWASP top 10 vulnerabilities 2021 version.
- Conduct a penetration test based on OWASP top 10.
- Implement measures to secure web applications against the top risks.
- Understand how to create a professional web application penetration testing report.