Developers

View all 28 of our Developers content pieces available in SecurityIQ.

Infosec Named a Leader in 2019 Gartner Magic Quadrant

Recognized for ability to execute and completeness of vision in Security Awareness Computer-Based Training, learn the latest market trends and what we believe sets Infosec apart.

OWASP A1 - Injection

OWASP A1 - Injection

This module covers various types of injection and the associated risks to applications.

View More
Sensitive Data Exposure

Sensitive Data Exposure

Our Sensitive Data Exposure module reinforces the need for security policies by outlining common risks of mishandled personal information.

View More
OWASP A5 - Broken Access Control

OWASP A5 - Broken Access Control

This module covers broken access control, types of attacks and how to prevent them.

View More
Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF)

In this module, we’ll review common exploitation techniques and ways learners can protect applications from cross-site request forgery.

View More
Buffer Overflow

Buffer Overflow

This module discusses the risks caused by buffer overflows and how to avoid them.

View More
Insecure Deserialization

Insecure Deserialization

This module covers best practices for serialization - the process of turning data objects into binary streams of data.

View More
Security Misconfiguration

Security Misconfiguration

In this module, we define security misconfiguration and offer tips on improving server security.

View More
Buffer Overflow - No BG music

Buffer Overflow - No BG music

This module discusses the risks caused by buffer overflows and how to avoid them.

View More
OWASP Top Ten Overview

OWASP Top Ten Overview

This module will cover the Open Web Application Security Project’s list of the ten most dangerous Web application security flaws.

View More
OWASP A7 - Cross-Site Scripting (XSS)

OWASP A7 - Cross-Site Scripting (XSS)

This module covers cross-site scripting.

View More
Using Components with Known Vulnerabilities

Using Components with Known Vulnerabilities

This module discusses use of components with known vulnerabilities (such as libraries and frameworks) that may undermine application defenses and enable various attacks.

View More
OWASP A3 - Sensitive Data Exposure

OWASP A3 - Sensitive Data Exposure

This module covers sensitive data and how to protect it.

View More
Cross-Site Scripting (XXS)

Cross-Site Scripting (XXS)

Cross-site scripting (XXS) allows attackers to run scripts in a victim’s browser to bypass access controls. In this module, we explain three types of XSS attacks and suggest XXS prevention measures.

View More
Under-protected APIs

Under-protected APIs

This module defines underprotected APIs, explains why API security is important and discusses common attack methods and mitigation strategies.

View More
XML External Entitites (XXE)

XML External Entitites (XXE)

This lesson covers how XXE attacks are executed, and how to prevent those attacks on your applications.

View More
OWASP A8 - Insecure Deserialization

OWASP A8 - Insecure Deserialization

This module covers insecure deserialization vulnerabilities in applications and how to prevent these flaws.

View More
Insufficient Logging and Monitoring

Insufficient Logging and Monitoring

It is imperative that server administrators maintain robust logs of activity on their servers. This module covers the risks associated with improper monitoring.

View More
OWASP A6 - Security Misconfiguration

OWASP A6 - Security Misconfiguration

This module covers security misconfigurations.

View More
OWASP A9 - Using Components with Known Vulnerabilities

OWASP A9 - Using Components with Known Vulnerabilities

This module covers using components with known vulnerabilities.

View More
Broken Access Control

Broken Access Control

This module defines and explains broken access control, which allows attackers to access unauthorized functionality and/or data.

View More
OWASP A2 - Broken Authentication

OWASP A2 - Broken Authentication

This module covers authentication vulnerabilities and session management.

View More
OWASP A10 - Insufficient Logging and Monitoring

OWASP A10 - Insufficient Logging and Monitoring

This module covers insufficient logging and monitoring.

View More
Insufficient Attack Protection

Insufficient Attack Protection

Deploying sufficient attack protection is essential to keeping sensitive information safe from hacking attempts. In this module, we’ll discuss web-application requirements regarding detection, prevention and response to both manual and automated attacks.

View More
Log Monitoring and Analysis Assessment

Log Monitoring and Analysis Assessment

View More
Broken Authentication and Session Management

Broken Authentication and Session Management

This module describes what incorrect implementation of authentication and session management functions are, and explains how it can allow attackers to assume other users’ identities.

View More
Injection

Injection

Injection is one of the most common, and harmful, security risks to web applications. This module details different types of injection and suggests effective mitigation strategies for the workplace.

View More
OWASP A4 - XML External Entities (XXE)

OWASP A4 - XML External Entities (XXE)

This module covers XML external entities, their flaws and how to protect them.

View More
Top 25 #1 - SQL Injection

Top 25 #1 - SQL Injection

This module discusses the risks of SQL injection attacks and how to prevent them.

View More