Least Privilege

This course introduces the principle of least privilege and its importance in secure coding.

7 videos  //  33 minutes of training

Free training week — 1,400+ on-demand courses and hands-on labs

Course description

Least privilege is not so much a vulnerability as a vulnerability multiplier. Any error that allows an attacker to gain control of a program only grows worse when that application is running with high-level permissions. This course suggests how to implement applications in a way that minimizes the permissions needed.

Course syllabus

Introduction to Least PrivilegeDuration: 1:50

This video provides an introduction to the least privilege course.

Introduction to PrivilegesDuration: 8:13

This video covers the fundamentals of privileges in operating systems.

Least Privilege VulnerabilitiesDuration: 5:56

This video describes how failure to obey least privilege can amplify the impact of an attack.

Least Privilege ExploitationDuration: 4:00

This video describes how failure to obey least privilege can be exploited by an attacker.

Least Privilege Case StudyDuration: 4:59

This video describes a case study of an application that failed to obey least privilege.

Least Privilege MitigationsDuration: 3:13

This video describes how to implement least privilege.

Least Privilege DemoDuration: 4:55

This video demonstrates exploitation of a failure to obey least privilege.

Meet the author

Howard Poston

LinkedIn

Howard Poston is a cybersecurity researcher with a background in blockchain, cryptography and malware analysis. He has a master's degree in Cyber Operations from the Air Force Institute of Technology and two years of experience in cybersecurity research and development at Sandia National Labs. He currently works as a freelance consultant providing training and content creation for cyber and blockchain security. He can be reached by email at [email protected] or via his website at https://www.howardposton.com.

Plans & pricing

Infosec Skills Personal

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training that you can trust

IDC MarketScape Leader: U.S. IT Training

IDC MarketScape Leader: U.S. IT Training

Infosec Skills

eLearning Content

eLearning Content

Infosec Skills

Best Product - Cybersecurity Training for Infosec Professionals

Best Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Security Education & Platform

Security Education & Platform

Infosec Skills

Ranked #52 in Top 100 Global Software Sellers

Ranked #52 in Top 100 Global Software Sellers

Infosec