• Online, Self-Paced
Course Description

OWASP Top 10 list items 10 and 9 are exploits of APIs and components of web applications.

Learning Objectives

OWASP A10 and A9

  • start the course
  • define what an underprotected API is
  • describe how underprotected APIs can be exploited and what kind of access is needed to exploit it
  • describe how easy it is to detect underprotected APIs and how common they are
  • list the technical and business impacts of underprotected APIs
  • provide examples of underprotected API attacks
  • specify what a vulnerable component is
  • describe how vulnerable components can be exploited and what kind of access is needed to exploit them
  • describe how easy it is to detect vulnerable components and how common they are
  • list the technical and business impacts of vulnerable components
  • provide examples of vulnerable component attacks
  • purchase merchandise at an unauthorized discount

Practice: OWASP A10 and A9 Overview

  • describe what A10 and A9 are and how they affect web application security

Framework Connections

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.