This course covers the fundamental security principles of the web. You will explore the most common attacks along with the fundamental countermeasures that every web application should implement. You will be introduced to the threats that modern web applications face and the best ways to secure web applications.
The purpose of the course is to help you to build better and more secure applications.
Assessment
This course does not involve any written exams. To complete the course, students need to answer 5 assignment questions; the answers are submitted as written work in PDF or Word format. Students can write the answers in their own time. Each answer needs to be 200 words (1 page). Once the answers are submitted, the tutor will check and assess the work.
Certification
Edukite courses are free to study. To successfully complete a course, you must submit all of the course's assignments as part of the assessment. Upon successful completion of a course, you can choose to make your achievement formal by obtaining your certificate at a cost of £49.
Having an Official Edukite Certification is a great way to celebrate and share your success. You can:
- Add the certificate to your CV or resume and brighten up your career
- Show it to prove your success
Course Credit: KU Leuven University
Course Curriculum
IS SECURITY AN ILLUSION?
The Web Security Fundamentals course | 00:03:00
The Terrifying State of Affairs | 00:05:00
Why Everybody is a Target | 00:05:00
Approaching Security from the ground up | 00:06:00
Browser Security Concepts | 00:05:00
Cookies | 00:05:00
Towards Client-centric Security | 00:05:00
Recap and Conclusion | 00:03:00
SECURING THE COMMUNICATION CHANNEL
Towards Secure Communication | 00:02:00
The Dangers of an Unprotected Channel | 00:14:00
The Recent Push for HTTPS | 00:07:00
Security Properties of HTTPS | 00:06:00
Keys, Certificates and Ciphers | 00:06:00
Common Misconceptions about HTTPS | 00:03:00
Perfect Forward Secrecy | 00:05:00
Dealing with Mixed Content | 00:07:00
Partial HTTPS Deployments are not the Answer | 00:02:00
Redirecting HTTP to HTTPS | 00:05:00
Enabling Strict Transport Security | 00:07:00
Practical Deployment scenarios | 00:00:00
Analyzing the Trust Model Behind HTTPS | 00:06:00
The Fragility of the Certificate Ecosystem | 00:03:00
Certificate Transparency | 00:07:00
Recap and Conclusion | 00:03:00
PREVENTING UNAUTHORIZED ACCESS
Access Control in Web Applications | 00:02:00
Introducing State into your Application | 00:05:00
The Truth about Passwords | 00:06:00
Insecure Password Storage | 00:06:00
Secure Password Storage | 00:05:00
Preventing Enumeration Attacks | 00:07:00
Beyond Password-based Authentication | 00:07:00
Server-side Session Management | 00:05:00
Securing Session Cookies | 00:06:00
Alternative Session Management Mechanisms | 00:05:00
Authorization throughout your application | 00:10:00
Intentional and Unintentional Requests | 00:06:00
Direct Access to Objects | 00:05:00
Recap and Conclusion | 00:03:00
SECURELY HANDLING UNTRUSTED DATA
The Problem with Untrusted Data | 00:03:00
The Root Cause of Injection Attacks | 00:04:00
A Decade of Mitigating Injection | 00:14:00
Command Injection Vulnerabilities | 00:03:00
Preventing Command Injection | 00:04:00
SQL Injection | 00:05:00
Preventing SQL Injection | 00:04:00
Traditional XSS Attacks | 00:06:00
Common Defenses Against XSS Attacks | 00:07:00
DOM-based XSS Attacks | 00:05:00
Alternative Injection Attack Vectors | 00:06:00
HTML5 Sandboxing | 00:05:00
Content Security Policy | 00:07:00
Recap and Conclusion | 00:03:00
Conclusion | 00:03:00
Assessment
Submit Your Assignment | 00:00:00
Certification | 00:00:00