Code-Data Separation

Take a look at ensuring segregation of trusted and untrusted items.

4 videos  //  62 minutes of training

Free training week — 1,400+ on-demand courses and hands-on labs

Course description

This course covers the separation of our code and data to prevent some of the most common types of attacks. These include SQL injection, XSS, CSRF, data leaks and source disclosure.

Course syllabus

SQL InjectionDuration: 16:35

Using secure database interactions to prevent attacks.

XSS and CSRFDuration: 15:53

Defending against common spoofing attacks.

Data Leaks and Source DisclosureDuration: 9:00

How to prevent revealing secure information.

Application Settings and SecretsDuration: 20:36

Explore best practices for storing and using application settings.

Meet the author

David Myers

LinkedIn

David Myers is a senior full-stack software engineer specializing in the development of complex web applications, with over 18 years of experience developing for the web. He primarily works within the LAMP stack of technologies but often utilizes whatever technology is needed. This includes Nginx, Python and Redis when discussing back-end technologies and ES6, Typescript, jQuery and Angular for front-end technologies. He has a broad range of experience working with clients and companies across many different industries.

Plans & pricing

Infosec Skills Personal

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training that you can trust

IDC MarketScape Leader: U.S. IT Training

IDC MarketScape Leader: U.S. IT Training

Infosec Skills

eLearning Content

eLearning Content

Infosec Skills

Best Product - Cybersecurity Training for Infosec Professionals

Best Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Security Education & Platform

Security Education & Platform

Infosec Skills

Ranked #52 in Top 100 Global Software Sellers

Ranked #52 in Top 100 Global Software Sellers

Infosec