The Backend Engineering Show with Hussein Nasser artwork

10 Vulnerabilities to watch for When building secure backend application (OWASP recommendations)

The Backend Engineering Show with Hussein Nasser

English - April 07, 2021 17:00 - 28 minutes - 16.4 MB - ★★★★★ - 5 ratings
Technology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Browser Caching best practices, when to use no-cache vs max-age without breaking your site
Next Episode: Can NULLs Improve your Database Queries Performance? - The Backend Engineering Show

The open web application security project is a recognized entity that helps developers identify critical security vulnerabilities to build secure web applications. In this video I will go through the 10 vulnerabilities and explain each one and give examples and anecdotes from real life examples.


0:00 Building Secure Backends


2:30 Injection


4:50 Broken Authentication


6:43 Sensitive Data Exposure


11:00 XML External Entities (XXE)


13:45 Broken Access Control


17:00 Security Misconfiguration


19:00 XSS


22:45 Insecure Deserialization.


24:48 Using Components with Known Vulnerabilities.


26:00 Insufficient Logging & Monitoring.


Resources


https://owasp.org/www-project-top-ten/


Cards


2:50 SQL Injection https://www.youtube.com/watch?v=Azo9tDUtC9s


4:20 Best practices building REST https://www.youtube.com/watch?v=6zHWU7zBep0&list=PLQnljOFTspQUybacGRk1b_p13dgI-SmcZ&index=4


8:30 TLS playlist youtube.com/playlist?list=PLQnljOFTspQW4yHuqp_Opv853-G_wAiH-


15:00 HTTP Smuggling https://www.youtube.com/watch?v=PFllH0QccCs


19:22 XSS https://www.youtube.com/watch?v=pD6C1-zSxIM


25:10 OpenSSL Crash https://youtu.be/aDPQ0_MyRnc








Support my work on PayPal


https://bit.ly/33ENps4


Become a Member on YouTube


https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join


🧑‍🏫 Courses I Teach


https://husseinnasser.com/courses