Sign up to save your podcasts
Or
Share 10 Vulnerabilities to watch for When building secure backend application (OWASP recommendations)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
10 Vulnerabilities to watch for When building secure backend application (OWASP recommendations)
The open web application security project is a recognized entity that helps developers identify critical security vulnerabilities to build secure web applications. In this video I will go through the 10 vulnerabilities and explain each one and give examples and anecdotes from real life examples.
0:00 Building Secure Backends
2:30 Injection
4:50 Broken Authentication
6:43 Sensitive Data Exposure
11:00 XML External Entities (XXE)
13:45 Broken Access Control
17:00 Security Misconfiguration
19:00 XSS
22:45 Insecure Deserialization.
24:48 Using Components with Known Vulnerabilities.
26:00 Insufficient Logging & Monitoring.
Resources
https://owasp.org/www-project-top-ten/
Cards
2:50 SQL Injection https://www.youtube.com/watch?v=Azo9tDUtC9s
4:20 Best practices building REST https://www.youtube.com/watch?v=6zHWU7zBep0&list=PLQnljOFTspQUybacGRk1b_p13dgI-SmcZ&index=4
8:30 TLS playlist youtube.com/playlist?list=PLQnljOFTspQW4yHuqp_Opv853-G_wAiH-
15:00 HTTP Smuggling https://www.youtube.com/watch?v=PFllH0QccCs
19:22 XSS https://www.youtube.com/watch?v=pD6C1-zSxIM
25:10 OpenSSL Crash https://youtu.be/aDPQ0_MyRnc
Support my work on PayPal
https://bit.ly/33ENps4
Become a Member on YouTube
https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
π§βπ« Courses I Teach
https://husseinnasser.com/courses
View all episodes
By Hussein Nasser
4.9
4040 ratings
The open web application security project is a recognized entity that helps developers identify critical security vulnerabilities to build secure web applications. In this video I will go through the 10 vulnerabilities and explain each one and give examples and anecdotes from real life examples.
0:00 Building Secure Backends
2:30 Injection
4:50 Broken Authentication
6:43 Sensitive Data Exposure
11:00 XML External Entities (XXE)
13:45 Broken Access Control
17:00 Security Misconfiguration
19:00 XSS
22:45 Insecure Deserialization.
24:48 Using Components with Known Vulnerabilities.
26:00 Insufficient Logging & Monitoring.
Resources
https://owasp.org/www-project-top-ten/
Cards
2:50 SQL Injection https://www.youtube.com/watch?v=Azo9tDUtC9s
4:20 Best practices building REST https://www.youtube.com/watch?v=6zHWU7zBep0&list=PLQnljOFTspQUybacGRk1b_p13dgI-SmcZ&index=4
8:30 TLS playlist youtube.com/playlist?list=PLQnljOFTspQW4yHuqp_Opv853-G_wAiH-
15:00 HTTP Smuggling https://www.youtube.com/watch?v=PFllH0QccCs
19:22 XSS https://www.youtube.com/watch?v=pD6C1-zSxIM
25:10 OpenSSL Crash https://youtu.be/aDPQ0_MyRnc
Support my work on PayPal
https://bit.ly/33ENps4
Become a Member on YouTube
https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
π§βπ« Courses I Teach
https://husseinnasser.com/courses
More shows like The Backend Engineering Show with Hussein Nasser
View all
Software Engineering Radio
273 Listeners
The Changelog: Software Development, Open Source
292 Listeners
Software Engineering Daily
625 Listeners
The Cloudcast
153 Listeners
Talk Python To Me
585 Listeners
Soft Skills Engineering
288 Listeners
Python Bytes
214 Listeners
Y Combinator Startup Podcast
236 Listeners
Syntax - Tasty Web Development Treats
983 Listeners
Practical AI
213 Listeners
The Stack Overflow Podcast
63 Listeners
The Real Python Podcast
141 Listeners
Dwarkesh Podcast
505 Listeners
Big Technology Podcast
478 Listeners
Oxide and Friends
60 Listeners