With threats coming from multiple directions, it’s critical that today’s developers understand the consequences of unsafe coding and their role in reducing risk. Many of the most damaging breaches splashed across the headlines could have been avoided if secure coding practices were better understood and prioritized. The OWASP Top 10 2017 course from GLS a true secure coding course, written by a content expert and designed to change your developers’ behavior.
The course begins by introducing the OWASP Top 10 2017 risks and why adopting secure coding practices is critical to building a successful information security program. Fundamental security concepts like the CIA Triad and Six Pillars of Application Security are woven throughout the modules, and reinforce that addressing risk is every developer’s responsibility. Secure coding guidelines are highlighted along the way.
Each of the next ten modules dives into one of the OWASP Top Ten 2017 risks, with detailed explanations accompanied by thought-provoking scenarios and custom images that focus on the fundamental problems and their solutions. These OWASP training modules provide insight into the underlying reasons for the existence of each risk. There’s also a focus on the use of emerging technologies and their particular vulnerabilities, such cloud computing, APIs, Internet of Things (IoT), mobile application development and blockchain, to name a few.
Unlike most courses in secure coding practices, this 6-hour OWASP Top 10 training can be taken at work, at the learner’s own pace and will challenge new and senior developers alike. It also includes a downloadable PDF booklet of prevention and mitigation strategies for each risk and additional recommended resources. This booklet can be used for continuing education such as researching details for a specific programming language, planning additional internal training, or even investigating the cause of and best solutions for a breach.
Upon completion of the course, learners will be able to:
- Describe each of the OWASP Top 10 2017 risks and the common activities that might lead to the introduction of these vulnerabilities
- Explain how the issues can be exploited, as well as the security vulnerabilities they create for both standard and emerging technologies
- Identify how the OWASP Top Ten 2017 framework helps to address secure coding requirements for common cybersecurity protocols/frameworks (PCI, NIST, etc.)
- Describe various methods of mitigating or preventing each risk and download a comprehensive job aid for easy post-training reference
- Identify resources for gaining additional information useful in identifying, mitigating and repairing problems caused by the OWASP Top 10 2017 issues