The Backend Engineering Show with Hussein Nasser

10 Vulnerabilities to watch for When building secure backend application (OWASP recommendations)

Listen Later

The open web application security project is a recognized entity that helps developers identify critical security vulnerabilities to build secure web applications. In this video I will go through the 10 vulnerabilities and explain each one and give examples and anecdotes from real life examples.

0:00 Building Secure Backends

2:30 Injection

4:50 Broken Authentication

6:43 Sensitive Data Exposure

11:00 XML External Entities (XXE)

13:45 Broken Access Control

17:00 Security Misconfiguration

19:00 XSS

22:45 Insecure Deserialization.

24:48 Using Components with Known Vulnerabilities.

26:00 Insufficient Logging & Monitoring.

Resources

https://owasp.org/www-project-top-ten/

Cards

2:50 SQL Injection https://www.youtube.com/watch?v=Azo9tDUtC9s

4:20 Best practices building REST https://www.youtube.com/watch?v=6zHWU7zBep0&list=PLQnljOFTspQUybacGRk1b_p13dgI-SmcZ&index=4

8:30 TLS playlist youtube.com/playlist?list=PLQnljOFTspQW4yHuqp_Opv853-G_wAiH-

15:00 HTTP Smuggling https://www.youtube.com/watch?v=PFllH0QccCs

19:22 XSS https://www.youtube.com/watch?v=pD6C1-zSxIM

25:10 OpenSSL Crash https://youtu.be/aDPQ0_MyRnc




Support my work on PayPal

https://bit.ly/33ENps4

Become a Member on YouTube

https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

🧑‍🏫 Courses I Teach

https://husseinnasser.com/courses

...more
View all episodesView all episodes
Download on the App Store
The Backend Engineering Show with Hussein NasserBy Hussein Nasser
  • 4.9
  • 4.9
  • 4.9
  • 4.9
  • 4.9

4.9

40 ratings

More shows like The Backend Engineering Show with Hussein Nasser

View all
Freakonomics Radio by Freakonomics Radio + Stitcher

Freakonomics Radio

32,263 Listeners

Software Engineering Radio - the podcast for professional software developers by team@se-radio.net (SE-Radio Team)

Software Engineering Radio - the podcast for professional software developers

273 Listeners

Risky Business by Patrick Gray

Risky Business

373 Listeners

Science Vs by Spotify Studios

Science Vs

12,166 Listeners

Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

Syntax - Tasty Web Development Treats

990 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,110 Listeners

Practical AI by Practical AI LLC

Practical AI

212 Listeners

Within Reason by Alex J O'Connor

Within Reason

1,659 Listeners

All-In with Chamath, Jason, Sacks & Friedberg by All-In Podcast, LLC

All-In with Chamath, Jason, Sacks & Friedberg

10,231 Listeners

Dwarkesh Podcast by Dwarkesh Patel

Dwarkesh Podcast

548 Listeners

Big Technology Podcast by Alex Kantrowitz

Big Technology Podcast

514 Listeners

Hard Fork by The New York Times

Hard Fork

5,544 Listeners

The AI Daily Brief: Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief: Artificial Intelligence News and Analysis

659 Listeners

Prof G Markets by Vox Media Podcast Network

Prof G Markets

1,471 Listeners

The Pragmatic Engineer by Gergely Orosz

The Pragmatic Engineer

74 Listeners