Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
Computer security covers everything from network security to cryptography to malware analysis, but web security lies at the heart of the field as more and more apps are deployed everyday. As web developers and engineering managers, the responsibility lies with you to educate your co-workers, write secure code, and protect the users and customers of your web applications.
Treehouse Courses
Introduction to Data Security
Introduction to Application Security
Networking Stacks:
[MUSIC]
0:00
Hi, welcome to Treehouse's
course on the OWASP Top 10.
0:09
My name is Jared Smith.
0:12
And in this course, we're going on
a journey to understand the Top 10 most
0:14
common web application vulnerabilities.
0:18
We'll explore their impact on natural
Node.js and JavaScript app, and
0:20
discover how to mitigate them.
0:24
Before jumping into this course, you
should have taken the Treehouse courses
0:27
on data security and
introduction to application Insecurity.
0:30
These provide the foundation for several
of the concepts we will discuss here.
0:34
You will find links to both courses and
the teachers notes on this video's page.
0:38
Keep in mind, you don't need to be an
expert in security to write secure code,
0:42
since security is as broad of
a field as web development itself.
0:47
Security is extremely dynamic, since it
can be applied to nearly any technology.
0:50
As shown here, security ranges up and
down the modern networking stack.
0:55
When you we talk about security, you might
be thinking if we're talking the physical
0:59
ones and zeroes running across the cable.
1:03
This would be very low level.
1:05
Or you might be thinking of protecting
your web apps from malicious threats
1:07
intercepting traffic.
1:10
This will be at the application layer.
1:12
Regardless, it is important to realize
the security is a very broad topic.
1:14
And we'll only be diving into
the parts of security that lie
1:18
in the web protocols at the application
layer of most modern networking stacks.
1:21
Web security concerns the security
of websites, apps, APIs, and
1:26
services in general.
1:30
It covers a wide range of
topics from writing secure code
1:32
to protecting them once they're
already deployed in production.
1:35
On the modern web,
security varies widely from site to site.
1:38
But in this course,
1:41
we're going to take a look at the Top
10 Vulnerabilities in Modern Web Apps.
1:42
From cross site scripting
to database injection and
1:46
misconfiguration, we will cover the most
significant issues out there today.
1:49
Our goal is for
you to go beyond the basics, and
1:54
be able to mitigate existing and
new security flaws.
1:56
This will allow you to make sure
your sites, APIs, services, and
1:59
apps are resistant to attackers.
2:03
Without building and maintaining secure
applications, your users are at risk,
2:06
and your company's assets
may be on the line.
2:10
Within nearly every
competent organization,
2:13
someone should be responsible for
security.
2:15
And at least every developer should know
the basics and be aware of what risks they
2:18
might be introducing into the code base
with every feature and every bug fix.
2:22
No matter what your job at your company,
organization, or even side project,
2:27
you should have security in mind
when you deploy your web apps,
2:31
especially if you have active users.
2:34
By working together and
2:36
putting security first, we can all
reduce the impact that data breaches and
2:37
attackers can cause to the users for
whom we build our technology.
2:42
You need to sign up for Treehouse in order to download course files.
Sign up