Web applications are vulnerable to many more types of attacks than traditional client-server applications. These vulnerabilities can result in serious monetary losses and reputational damage to organizations.
This course covers how attacks are constructed and the techniques that can be used to mitigate web vulnerabilities such as client-state manipulation, cookie-based attacks, SQL injection, cross-domain attacks (XSS, XSRF, XSSI), DNS rebinding, timing attacks, user tracking, and HTTP header injection.
Includes exclusive interviews with Mukul Khullar (Staff Information Security Engineer, LinkedIn) and Parisa Tabriz (Engineering Director, Google).
You Will Learn
Injection and Cross Domain Attacks
Web Security: HTTPS
Web Security: Session Management
Web Background and the Browser Security Model
Dan Boneh, Professor of Computer Science and of Electrical Engineering, Stanford University
Neil Daswani, Chief Information Security Officer, LifeLock (acquired by Symantec)
John Mitchell, Professor of Computer Science and, by courtesy, of Electrical Engineering and of Education, Stanford University