Web Application Security for the Everyday Software Engineer

INTERACTIVE COURSE

Web Application Security for the Everyday Software Engineer

Intermediate

72 Lessons

4h

Certificate of Completion

Web Application Security for the Everyday Software Engineer

12 Playgrounds

7 Quizzes

59 Illustrations

Course Overview

There are more vulnerabilities than ever when creating applications for the web, so it is extremely important that software developers enforce security best practices such as, how to add protection through HTTP headers. In this course, you will start off by learning how to prevent fraudulent SSL certificates from being served to clients, before moving on to how to defend against XSS attacks and clickjacking. In the latter half of the course, you’ll learn security practices related to HTTP cookies, and ti...Show More

Course Content

1

Introduction

Introduction to the Course

Who This Course Is For?Formatting Errata and Additional Content

2

Understanding The Browser

Browser Basics What Does a Browser Do?Vendors

A Browser for Developers Quiz Yourself on Browsers

3

HTTP

Introduction to HTTP How HTTP Works Mechanics: HTTP vs HTTPS vs H2 Mechanics: Encryption HTTPS Everywhere GET vs POST Quiz Yourself on HTTP

4

Protection through HTTP Headers

HTTP Strict Transport Security HTTP Public Key Pinning Expect-CT

X-Frame-Options Content-Security-Policy X-XSS-Protection Feature-Policy X-Content-Type-Options Cross Origin Resource Sharing X-Permitted-Cross-Domain-Policies & Referrer-Policy The reporting API Quiz Yourself on HTTP Headers

5

HTTP Cookies

Introduction HTTP Cookies What's Behind a Cookie?Session and Persistent Cookies Host-only Supercookies Encrypt it Or Forget it JavaScript Can't Touch This SameSite: The CSRF Killer Alternatives Conclusion: What Would LeBron Do?Quiz Yourself on HTTP Cookies

6

Situationals

16 Lessons

7

DDoS Attacks

7 Lessons

8

Bug Bounty Programs

7 Lessons

9

Conclusion

3 Lessons

COURSE AUTHOR

How You'll Learn

You don’t get better at swimming by watching others. Coding is no different. Practice as you learn with live code environments inside your browser.

Videos are holding you back. Educative‘s interactive, text-based lessons accelerate learning — no setup, downloads, or alt-tabbing required.

Learn faster and smarter with adaptive AI tools embedded in every Educative course.

Built-in assessments let you test your skills. Completion certificates let you show them off.

Recommended Courses

BEFORE STARTING THIS COURSE

AFTER FINISHING THIS COURSE

FOR TEAMS

Interested in this course for your business or team?

Unlock this course (and 1,000+ more) for your entire org with DevPath