
Releasing Secure Coding Learning Resources for Everyone to Use


In the majority of countries around the world, a "Cyber Security" skills shortage exists or is developing quite rapidly. In Australia, where the majority of our core development team resides, the government released a Cyber Security Strategy in April/May 2016, in which cyber security skills and education are an important element.


At Secure Code Warrior, we want to help students and professionals not only in Australia but also in the rest of the world, and we are doing that today by providing teaching material on Secure Coding under Creative Commons Attribution-NoDerivatives 4.0 International (CC BY-ND 4.0).


  • Sharing — everyone can copy and redistribute the material in any medium or format for any purpose, even commercially
  • Attribution — You must give appropriate credit
  • No Derivatives — If you remix, transform, or build upon the material, you may not distribute the modified material.

We are releasing slide packs for the OWASP Top 10 for Web Applications for free, and are currently working (together with our partner NVISO in Belgium) on OWASP Top 10 for Mobile Applications, OWASP Top 10 for Internet of Things, and also some generic Secure Coding concepts.

We have opted to create very concise and short modules for each topic so everyone can decide for themselves whether to use these in a classroom setting and cover several modules, or use them in an online environment and give developers bite-size things to learn. Each slide pack covers:

  1. Summary slide of the topic
  2. One or more practical scenarios to better understand the vulnerability concept and root cause
  3. Examples of potential impact
  4. Recommendations on how to avoid writing these vulnerabilities

Here is a sample on SQL Injections, a vulnerability that has existed since 1999 and still makes monthly appearances in the news.

You can find all slides on SlideShare for preview/download, access them through our online Secure Code Warrior platform here, or use the direct links to Google Slides, where you can view/print/download them.

OWASP Top 10 for Web Applications

  • A1-Injection: SQL, OS Command, LDAP, XPath/XML
  • A2-Broken Authentication and Session Management
  • A3-Cross Site Scripting (XSS)
  • A4-Insecure Direct Object Reference
  • A5-Security Misconfiguration
  • A6-Sensitive Data Exposure: Insecure Crypto Storage, Insufficient Transport Layer
  • A7-Missing Function Level Access Control
  • A8-Cross-Site Request Forgery (CSRF)

Other Common Web Application Weaknesses


Published at DZone with permission of Pieter Danhieux. See the original article here.
