Difference between revisions of "OWASP Application Security Awareness Top 10 E-learning Project"

From OWASP
Jump to: navigation, search
Line 3: Line 3:
  
 
The course is based on the most recent OWASP Top 10 list, presenting the top web application vulnerabilities.
 
The course is based on the most recent OWASP Top 10 list, presenting the top web application vulnerabilities.
 +
 +
[https://appsec-labs.com/awareness.html Live Demo]
  
 
==Course Methodology==
 
==Course Methodology==
Line 14: Line 16:
 
* Demonstration Video Clips- depiction of the execution of an attack.
 
* Demonstration Video Clips- depiction of the execution of an attack.
  
 +
[[File:Awareness_screenshot.png|500px]]
  
 
=Project About=
 
=Project About=

Revision as of 05:47, 21 January 2013

Main

The application security awareness e-learning course was designed with the intent to present programmers with the fundamental concepts in application security. The course educates programmers regarding the coding pitfalls that make applications vulnerable to attacks and what can be done to avoid the described pitfalls.

The course is based on the most recent OWASP Top 10 list, presenting the top web application vulnerabilities.

Live Demo

Course Methodology

The Methodology of the course is as follows, each of the OWASP top 10 vulnerabilities is divided into 5 different elements:

  • Definition- defining the vulnerability and its origin in the code.
  • Impact- presenting the potential impact of an exploitation of the vulnerability.
  • Example Scenario- presenting an example scenario of code manipulation and its malicious use.
  • Countermeasures- defining the countermeasures which must be implemented in the code in order to prevent vulnerability.
  • Demonstration Video Clips- depiction of the execution of an attack.

Awareness screenshot.png

Project About

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP_Application_Security_Awareness_Top_10_E-learning_Project (home page)
Purpose: The Application Security E-Learning project has set itself the goal of delivering intuitive, concise and precise content in the fundementals of application secure coding.

Main target audience: programmers who wish to learn/ review application security fundamentals.

License: GNU Lesser General Public License
who is working on this project?
Project Leader(s):
  • Erez Metula @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
  • Contact Erez Metula @ to contribute to this project
  • Contact Erez Metula @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
1.0 - January 2013 - (download)
last reviewed release
Not Yet Reviewed


other releases