• Online, Self-Paced
Course Description

Caching problems are underestimated by developers and security engineers. In this course, Web App Hacking: Caching Problems, you'll learn why this subject is important and how severe consequences can happen as a result of caching problems. First, you'll see that sensitive data from your web application can be exposed to everyone on the Internet as a result of Google Caching. Next, you'll discover how your password can be cached in plaintext as a result of cacheable HTTPS responses. After that, you'll see how credit card data can be insecurely processed in terms of cache. Then, you'll learn why sensitive data should never be sent in the URL. Finally, you'll explore how the caching problems, that are discussed in this course, are related to industry best practices. By the end of the course, you'll know how to test web applications for different types of caching problems.

Learning Objectives

  • Google Caching
  • Cacheable HTTPS Responses
  • Caching of Credit Card Data
  • Sensitive Data in the URL
  • Industry Best Practices

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.