Secure Coding with the OWASP Top 10 – 2017
Secure coding standards are a set of uniform guidelines that software developers can apply in order to provide safeguards against security vulnerabilities. Having one unified set of guidelines that the organization can refer to makes it easier to define security protocols and builds a common language among team members, such as web coders, project managers, security researchers, and other stakeholders.
The Open Web Application Security Project (OWASP) is dedicated to keeping software secure and making the processes surrounding security transparent so that individuals and organizations can make informed decisions when it comes to secure coding. Individuals, policy makers, trade organizations, governmental entities, universities, and corporations of all sizes have come to rely on OWASP for setting industry standards for secure coding.
Global Learning Systems’ Secure Coding with the OWASP Top 10 – 2017 e-learning course features a fresh look at OWASP that dives into the technical aspects of each of the 10 most current risk areas. Geared toward technical learners, this 5-hour course is presented in a modular format with progress tracking that allows learners to complete it at their own pace. To ensure deeper understanding, the training provides insight into the underlying reasons for the existence of each risk.
Woven throughout the training is the concept of having an “information security mindset.” Learners gain an understanding of the critical importance of safe coding practices and their impact on both application and organizational security. Upon completion of the course, learners will be able to:
- Discuss how to develop an information security mindset and why it is important
- Describe each of the 10 OWASP issues of 2017 and the common activities that might lead to the introduction of these vulnerabilities
- Explain how the issues can be exploited, as well as the security vulnerabilities they create for both standard and emerging technologies
- Identify how OWASP helps to address secure coding requirements for common cybersecurity protocols/frameworks (PCI, NIST, etc.)
- Describe various methods of mitigating or preventing each risk and download a comprehensive job aid for easy post-training reference
- Identify resources for gaining additional information useful in identifying, mitigating, and repairing problems caused by the OWASP Top 10 2017 issues
This training supports compliance with NIST, ISO 27001, ISO 27034, ISO 27002, CIS, Sarbanes-Oxley Section 404, PCI-DSS, HIPAA and GDPR.