Application Security Essentials

As someone starting out with application security, this is where you begin. It’s time to discover the fundamentals of AppSec and hone your skills on the industry’s first and most important battleground: the OWASP Top 10. This is a list of the 10 most common and critical vulnerabilities that affect applications of all kinds, and it is the ideal place to start learning about Application Security and its complex, multi-layered relationship with product engineering. Every AppSecEngineer course is designed to be useful both from the perspective of a learner who’s encountering these subjects for the first time, as well as a seasoned professional who consistently returns to the material as a reference for real-world projects. This Learning Path is meant for people looking to gain a firm grasp on the fundamentals of application security. This includes learning about the most common vulnerabilities present in apps, how they’re used to attack networks and apps, and best practices to prevent and mitigate them.

Courses in this learning path:

After completing this learning path, you'll be able to:

Understand how Injection, XXE, Insecure Deserialization, Server-Side Request Forgery, Cross-Site Scripting, and Session Management flaws work on an operational level
Use the most common and critical vulnerabilities to attack and breach sensitive apps
Use the most effective battle-tested methods to defend your apps against these flaws
Experience dealing with real-world attack scenarios most common among enterprise applications