OWASP API Security Top 10 Course – Secure Your Web Apps
Learn about the OWASP API Security Top 10, 2023 edition. In this crash course, you will learn about each security risk and learn techniques to fortify your APIs against potential threats. The course also covers key concepts that didn’t make it into the Top 10.
✏️ Course created by APIsec University and Corey Ball
Website: https://www.apisecuniversity.com
YouTube: https://www.youtube.com/@apisecu
Twitter: https://twitter.com/apisecu
LinkedIn: https://www.linkedin.com/company/apisec-university
⭐️ Contents ⭐️
Introduction
⌨️ (0:00:00) Welcome to APIsec University
⌨️ (0:01:46) Introduction to OWASP API Security and Beyond!
⌨️ (0:03:06) How the Course Works
⌨️ (0:05:16) Course Objectives
What is the OWASP API Security Top 10
⌨️ (0:06:38) What is OWASP
⌨️ (0:09:58) How is the Top 10 Compiled?
⌨️ (0:12:19) Mapped to External Sources
⌨️ (0:13:30) Updates to the OWASP API Security Top 10
The Top 10
⌨️ (0:19:38) API1:2023 - Broken Object Level Authorization
⌨️ (0:25:07) API2:2023 - Broken Authentication
⌨️ (0:32:23) API3:2023 - Broken Object Property Level Authorization
⌨️ (0:39:08) API4:2023 - Unrestricted Resource Consumption
⌨️ (0:42:54) API5:2023 - Broken Function Level Authorization
⌨️ (0:48:02) API6:2023 - Unrestricted Access to Sensitive Business Flows
⌨️ (0:51:48) API7:2023 - Server Side Request Forgery
⌨️ (0:56:49) API8:2023 - Security Misconfiguration
⌨️ (1:05:00) API9:2023 - Improper Inventory Management
⌨️ (1:11:22) API10:2023 - Unsafe Consumption of APIs
Beyond the Top 10
⌨️ (1:15:19) Injections
⌨️ (1:18:25) Insufficient Logging & Monitoring
⌨️ (1:20:38) Business Logic Flaws
? Thanks to our Champion and Sponsor supporters:
? davthecoder
? jedi-or-sith
? 南宮千影
? Agustín Kussrow
? Nattira Maneerat
? Heather Wcislo
? Serhiy Kalinets
? Justin Hual
? Otis Morgan
? Oscar Rahnama
--
Learn to code for free and get a developer job: https://www.freecodecamp.org
Read hundreds of articles on programming: https://freecodecamp.org/news
✏️ Course created by APIsec University and Corey Ball
Website: https://www.apisecuniversity.com
YouTube: https://www.youtube.com/@apisecu
Twitter: https://twitter.com/apisecu
LinkedIn: https://www.linkedin.com/company/apisec-university
⭐️ Contents ⭐️
Introduction
⌨️ (0:00:00) Welcome to APIsec University
⌨️ (0:01:46) Introduction to OWASP API Security and Beyond!
⌨️ (0:03:06) How the Course Works
⌨️ (0:05:16) Course Objectives
What is the OWASP API Security Top 10
⌨️ (0:06:38) What is OWASP
⌨️ (0:09:58) How is the Top 10 Compiled?
⌨️ (0:12:19) Mapped to External Sources
⌨️ (0:13:30) Updates to the OWASP API Security Top 10
The Top 10
⌨️ (0:19:38) API1:2023 - Broken Object Level Authorization
⌨️ (0:25:07) API2:2023 - Broken Authentication
⌨️ (0:32:23) API3:2023 - Broken Object Property Level Authorization
⌨️ (0:39:08) API4:2023 - Unrestricted Resource Consumption
⌨️ (0:42:54) API5:2023 - Broken Function Level Authorization
⌨️ (0:48:02) API6:2023 - Unrestricted Access to Sensitive Business Flows
⌨️ (0:51:48) API7:2023 - Server Side Request Forgery
⌨️ (0:56:49) API8:2023 - Security Misconfiguration
⌨️ (1:05:00) API9:2023 - Improper Inventory Management
⌨️ (1:11:22) API10:2023 - Unsafe Consumption of APIs
Beyond the Top 10
⌨️ (1:15:19) Injections
⌨️ (1:18:25) Insufficient Logging & Monitoring
⌨️ (1:20:38) Business Logic Flaws
? Thanks to our Champion and Sponsor supporters:
? davthecoder
? jedi-or-sith
? 南宮千影
? Agustín Kussrow
? Nattira Maneerat
? Heather Wcislo
? Serhiy Kalinets
? Justin Hual
? Otis Morgan
? Oscar Rahnama
--
Learn to code for free and get a developer job: https://www.freecodecamp.org
Read hundreds of articles on programming: https://freecodecamp.org/news
freeCodeCamp.org
Learn to code for free....
1-Click AI Web Development Tutorial - Turn Figma Designs into Working Code using AI
freeCodeCamp.org
Serverless Node.js Tutorial – Neon Serverless Postgres, AWS Lambda, Next.js, Vercel
freeCodeCamp.org