#OWASP Top 10

Comprehensive tutorials on web application penetration testing, covering tools like Burpsuite, vulnerabilities such as XSS and SQL injection, and practical lab setups for hands-on learning.

Add to list

15 Lesons

2 hours 30 minutes

On-Demand

Free-Video

NahamSec

Introduction to Web Hacking - OWASP Juice Shop

Comprehensive introduction to web hacking using OWASP Juice Shop, covering essential techniques and vulnerabilities for aspiring ethical hackers and security enthusiasts.

Add to list

1 Lesons

2 hours 49 minutes

On-Demand

Free-Video

2019 OWASP Top 10 - Part 1

Comprehensive exploration of the first half of OWASP Top 10, covering critical web application security risks and effective mitigation strategies for developers and security professionals.

Add to list

1 Lesons

2 hours 53 minutes

On-Demand

Free-Video

OWASP Top 10 Training - Part 3

Comprehensive exploration of OWASP Top 10 security vulnerabilities, focusing on prevention strategies and best practices for web application security.

Add to list

1 Lesons

1 hour 25 minutes

On-Demand

Free-Video

OWASP Top 10 Training - Part 1

Comprehensive overview of OWASP Top 10 security vulnerabilities, focusing on identification, prevention, and mitigation strategies for web application developers and security professionals.

Add to list

1 Lesons

1 hour 10 minutes

On-Demand

Free-Video

OWASP Top 10 Security Risks - Part 5

Explore the latest OWASP Top 10 security vulnerabilities, their impact, and effective mitigation strategies to enhance web application security and protect against common threats.

Add to list

1 Lesons

53 minutes

On-Demand

Free-Video

RSA Conference

OWASP Top 10 Security Risks for Low-Code/No-Code

Explore security vulnerabilities in low-code/no-code apps, learn about the OWASP Top 10 list, and gain insights from real-world examples to enhance application security in modern development environments.

Add to list

1 Lesons

1 hour

On-Demand

Free-Video

Taking on the King: Killing Injection Vulnerabilities - APPSEC Cali 2018

Explore strategies to combat injection vulnerabilities, including cross-site scripting, with insights on secure coding practices, framework design, and static analysis tools for improved application security.

Add to list

42 Lesons

54 minutes

On-Demand

Free-Video

OWASP Top 10 - Application Security Risks

Explore the latest OWASP Top 10 web application security risks with expert Andrew van der Stock. Learn about critical vulnerabilities and effective mitigation strategies for safer software development.

Add to list

1 Lesons

47 minutes

On-Demand

Free-Video

The Path of Secure Software Development - AppSec EU 2017

Explore proactive security controls for developers to build safer applications. Learn techniques to address common vulnerabilities and integrate security throughout the development lifecycle.

Add to list

25 Lesons

37 minutes

On-Demand

Free-Video

The Gift of Feedback - Enhancing Application Security

Discover how to implement next-generation security by leveraging feedback, pushing security left, and making it consumable. Learn strategies to engage developers and address the challenges of securing complex software workloads.

Add to list

1 Lesons

37 minutes

On-Demand

Free-Video

OWASP Distinguished Lifetime Member Award - Jeff Williams' Contributions

Explore Jeff Williams' contributions to OWASP, including foundational projects, non-profit creation, and innovative security concepts, in this insightful 20th anniversary recognition.

Add to list

14 Lesons

30 minutes

On-Demand

Free-Video

OWASP Top 10 - The Making of the OWASP Top 10 and Beyond

Explore the creation process and principles behind the OWASP Top 10, a crucial resource for web application security, including data analysis, likelihood management, and scoring methodologies.

Add to list

9 Lesons

26 minutes

On-Demand

Free-Video

OWASP Serverless Top 10 - Security Risks and Protections

Explore serverless security risks, challenges, and protective measures. Learn about OWASP Serverless Top 10 and DVSA tool for understanding serverless security implications and processes.

Add to list

18 Lesons

29 minutes

On-Demand

Free-Video

OWASP Top 10 Maturity Categories for Security Champions

Learn to become an effective Security Champion using OWASP's Top 10 Maturity Categories. Explore key responsibilities, maturity models, and strategies for improving organizational security posture.

Add to list

18 Lesons

33 minutes

On-Demand

Free-Video

Vulnerabilities as Ingredients and OWASP Top 10 as Seasoning

Explore how vulnerabilities and OWASP Top 10 interact in application security, using a culinary analogy to demystify complex concepts and enhance understanding of secure development practices.

Add to list

1 Lesons

53 minutes

On-Demand

Free-Video

How Security, Development, and Testing Can Work Together to Stop Recurring Vulnerabilities - OWASP Top 10

Explore strategies for integrating security, development, and testing to prevent recurring vulnerabilities in the OWASP Top 10, fostering collaboration and cultural change for secure software development.

Add to list

16 Lesons

27 minutes

On-Demand

Free-Video

Post-DevOps: What Should We Shift-Left in Application Security?

Exploring post-DevOps challenges in AppSec, focusing on risk profiles, threat response architecture, and operational aspects to enhance security and quality in fast-paced development environments.

Add to list

5 Lesons

26 minutes

On-Demand

Free-Video

Skillful, Scalable Full-Stack Security in a State of Constant Flux

Approaches to maintaining secure full-stack posture at scale in changing environments. Discusses automation vs. human testing, analytics in continuous security, and scaling with human validation and intelligence.

Add to list

1 Lesons

41 minutes

On-Demand

Free-Video

Introduction to the Newest Addition to the OWASP Top 10 - A9 Guidelines

Experts discuss the new OWASP A9 guideline on insecure open source libraries, offering insights on component usage, best practices, and real-world challenges in mitigating risks in agile development.

Add to list

1 Lesons

48 minutes

On-Demand

Free-Video

11,000 Voices - Experts Shed Light on 4-Year Open Source and AppSec Survey

Experts discuss findings from a 4-year study on open source security practices, revealing surprising trends in policy enforcement, vulnerability tracking, and organizational preparedness for security threats like Heartbleed.

Add to list

1 Lesons

47 minutes

On-Demand

Free-Video

OWASP Top 10 Mobile Risks: 2014 Reboot

Explore the updated 2014 OWASP Top 10 Mobile Risks, comparing changes since 2011, understanding new threats, and learning recommended fixes for iOS, Android, and Windows Phone platforms.

Add to list

1 Lesons

31 minutes

On-Demand

Free-Video

Content Security Policy (CSP) - Understanding and Implementing Web Protection

Learn about Content Security Policy (CSP), a powerful browser security feature that mitigates cross-site scripting attacks. Discover its benefits, implementation strategies, and future impact on web security.

Add to list

1 Lesons

32 minutes

On-Demand

Free-Video

Harmonizing OWASP API and Application Top 10 Security Risks - Combining Lists for Comprehensive Coverage

Explore API security risks, comparing OWASP's API and Application Top 10 lists. Learn detection and prevention strategies for vulnerabilities in web services, APIs, and GraphQL.

Add to list

13 Lesons

51 minutes

On-Demand

Free-Video

BSides SATX

A New Architecture for Data Security to Free Incident Responders from False Positives

Explore a new data security architecture that minimizes false positives, enhancing incident response efficiency and improving detection of real security threats.

Add to list

1 Lesons

40 minutes

On-Demand

Free-Video

OWASP Top 10 Security Risks for Large Language Models

Explore OWASP Top 10 LLM security risks, learn mitigation strategies, and understand the impact of Generative AI on cybersecurity in various industries.

Add to list

19 Lesons

39 minutes

On-Demand

Free-Video

Securing Applications in SDLC and Cloud-Native Web and API Protection - Sessions 1 and 2

Learn secure coding practices, identify vulnerabilities, and integrate security into SDLC. Explore cloud-native WAAP for effective web app and API protection using machine learning.

Add to list

25 Lesons

39 minutes

On-Demand

Free-Video

OWASP LLM Top 10 - Understanding Critical Security Risks for Large Language Models

Explore OWASP LLM Top 10: Gain insights into critical security risks, learn practical steps to fortify applications, and stay ahead in cybersecurity with expert R Nagarjun.

Add to list

1 Lesons

29 minutes

On-Demand

Free-Video

Devoxx Poland

What's Not So New in the New OWASP Top 10 - Devoxx Poland 2022

Explore OWASP Top 10 updates, focusing on insecure design. Learn defense-in-depth strategies, secure design principles, and threat modeling methodologies like STRIDE for improved web application security.

Add to list

9 Lesons

17 minutes

On-Demand

Free-Video

OWASP Top 10 Training - Part 4

Comprehensive exploration of OWASP Top 10 security vulnerabilities, offering insights and strategies for web application protection and risk mitigation.

Add to list

1 Lesons

1 hour 35 minutes

On-Demand

Free-Video

OWASP Top 10 - Security Vulnerabilities A8 to A10 - 2017 Edition

Explore OWASP Top 10 vulnerabilities A8 to A10, focusing on insecure deserialization, using components with known vulnerabilities, and insufficient logging and monitoring.

Add to list

1 Lesons

1 hour 5 minutes

On-Demand

Free-Video

OWASP Top 10 2017 - Security Vulnerabilities A4 to A8 - Part 3 of 5

Explore OWASP Top 10 vulnerabilities A4 to A8, gaining insights into critical web application security risks and effective mitigation strategies.

Add to list

1 Lesons

1 hour 18 minutes

On-Demand

Free-Video

OWASP Top 10 - Vulnerabilities A2 to A4 - Part 2 of 5

Explore critical web application security risks A2-A4 from the OWASP Top 10, focusing on broken authentication, sensitive data exposure, and XML external entities.

Add to list

1 Lesons

1 hour 8 minutes

On-Demand

Free-Video

OWASP Top 10 Security Risks - Part 1 of 5

Comprehensive overview of OWASP Top 10 security vulnerabilities, focusing on injection flaws and broken authentication. Learn to identify and mitigate critical web application risks.

Add to list

1 Lesons

1 hour 31 minutes

On-Demand

Free-Video

Building Cloud-Native Security for Apps and APIs with NGINX

Enhance NGINX with robust security features for apps and APIs. Learn practical methods for visibility, real-time protection, and mitigation of OWASP Top10 threats, bots, and data leakage in cloud environments.

Add to list

1 Lesons

24 minutes

On-Demand

Free-Video

Black-Box Approximate Taint Tracking by Utilizing Data Partitioning

Innovative black-box taint tracking system for detecting user input data injection in commands and SQL queries, offering cost-effective and performant runtime protection without code modifications.

Add to list

14 Lesons

36 minutes

On-Demand

Free-Video

Stealth Authentication: Preventing Information Leaks in Web Application Security - APPSEC CA 2017

Explore stealth authentication techniques to enhance web application security by preventing information leaks during the authentication process.

Add to list

22 Lesons

51 minutes

On-Demand

Free-Video

OWASP Top 10 - Introduction to Web Application Security Risks

Comprehensive overview of OWASP Top 10, exploring critical web application security risks and effective mitigation strategies for developers and security professionals.

Add to list

1 Lesons

29 minutes

On-Demand

Free-Video

Hack.me: A New Way to Learn Web Application Security

Explore a free, browser-based platform for practicing offensive techniques on vulnerable web applications. Learn about OWASP Top 10, CMS vulnerabilities, and latest exploits in a sandboxed environment.

Add to list

1 Lesons

44 minutes

On-Demand

Free-Video

RailsGoat: Vulnerable Ruby on Rails Framework for Security Education

Explore RailsGoat, a vulnerable Ruby on Rails app designed to educate developers and security professionals on OWASP Top 10 vulnerabilities and additional security issues.

Add to list

17 Lesons

33 minutes

On-Demand

Free-Video

The 2013 OWASP Top 10 - Understanding Web Application Security Risks

Comprehensive overview of OWASP Top 10 2013, covering changes, risks, and mitigation strategies for web application security. Essential for developers and security professionals.

Add to list

16 Lesons

49 minutes

On-Demand

Free-Video

15 Years of OWASP Top 10 - Has the Cloud Made a Difference?

Explore the evolution of web application security over 15 years, examining the impact of cloud computing on OWASP Top 10 vulnerabilities and current cybersecurity challenges.

Add to list

1 Lesons

50 minutes

On-Demand

Free-Video

Linux Foundation

OWASP Top 10 Vulnerabilities in Node.js - Identification and Prevention

Explore common OWASP Top 10 vulnerabilities in Node.js applications, learn identification techniques, prevention strategies, and best practices for ongoing security.

Add to list

1 Lesons

32 minutes

On-Demand

Free-Video

CNCF [Cloud Native Computing Foundation]

Desktop to Deployment: Kubernetes Security with Checkov

Explore K8s security from desktop to deployment using Checkov. Learn about OS Top 10, CI monitoring, customization, and admission controllers for robust cloud-native security practices.

Add to list

23 Lesons

50 minutes

On-Demand

Free-Video

Scratch Containers and the Supply Chain Trouble

Explore scratch containers, their benefits in reducing vulnerabilities, and potential challenges in software composition analysis. Learn about security implications for containerized applications.

Add to list

1 Lesons

49 minutes

On-Demand

Free-Video

RSA Conference

Securing AI Apps with the OWASP Top Ten for Large Language Models

Explore strategies to mitigate risks in generative AI using OWASP Top 10 for LLMs. Learn best practices for building secure and responsible AI applications in your environment.

Add to list

1 Lesons

49 minutes

On-Demand

Free-Video

Pentesting Swift Application with OWASP iGoat

Learn iOS Swift app pentesting using OWASP iGoat, covering security loopholes, defense strategies, and real-world case studies. Gain skills for product security engineers and bug bounty hunters.

Add to list

24 Lesons

15 minutes

On-Demand

Free-Video

Ekoparty Security Conference

Ekoparty #UniTalks - Víctor Orozco: Seguridad de Aplicaciones Java/JakartaEE con OWASP Top 10

Ejemplos prácticos de vulnerabilidades OWASP Top 10 en Java/JakartaEE y cómo implementar controles de seguridad robustos en backends y microservicios usando APIs estándar como Jakarta EE security y MicroProfile JWT.

Add to list

14 Lesons

47 minutes

On-Demand

Free-Video

Railsgoat - Rails Attack and Defense

Explore RailsGoat, an OWASP project for Rails security training. Learn common vulnerabilities, remediation techniques, and attack scenarios aligned with the OWASP Top 10 using a purposely vulnerable Rails application.

Add to list

14 Lesons

32 minutes

On-Demand

Free-Video

OWASP Standard Classification - Rough Consensus - An OWASP Story

Explore OWASP's journey in establishing software security standards through rough consensus, highlighting challenges, achievements, and future directions in the field.

Add to list

22 Lesons

27 minutes

On-Demand

Free-Video

NDC Conferences

ASP.NET Core Meets OWASP Top 10

Explore ASP.NET Core's security features through the lens of OWASP Top 10, covering authentication, data protection, access control, and more for robust web application security.

Add to list

15 Lesons

54 minutes

On-Demand

Free-Video

Black Hat

Scala Security - Examining the Play and LiftWeb Frameworks

Explore security aspects of Scala's Play and LiftWeb frameworks, including OWASP Top 10 vulnerabilities, exploitation mitigations, and a new Scala library for SSRF prevention.

Add to list

1 Lesons

54 minutes

On-Demand

Free-Video

Devoxx

Black Clouds and Silver Linings in Node.js Security

Explore Node.js security challenges, mitigation strategies, and practical measures for building secure applications. Learn about OWASP Top 10 issues and recent security initiatives in the Node.js ecosystem.

Add to list

1 Lesons

47 minutes

On-Demand

Free-Video

PHP UK Conference

Understanding the OWASP Top 10

Explore critical web application security flaws with examples and best practices. Learn to identify and address OWASP Top 10 vulnerabilities in PHP applications for improved website security.

Add to list

1 Lesons

1 hour 2 minutes

On-Demand

Free-Video

How NOT to Implement Cryptography for the OWASP Top 10 Reloaded

Learn common cryptography implementation mistakes and best practices for securing applications against OWASP Top 10 vulnerabilities with expert Anthony J Stieber.

Add to list

1 Lesons

44 minutes

On-Demand

Free-Video

OWASP Top 10 of 2013 - It's Still a Thing and We're Still Not Getting It

Explore OWASP Top 10 vulnerabilities from 2013, their ongoing relevance, and why organizations struggle to address them effectively in web application security.

Add to list

1 Lesons

46 minutes

On-Demand

Free-Video

Mutillidae Jeremy Druin Part 2

Learn to install and configure Mutillidae, explore security levels, and understand OWASP Top 10 vulnerabilities with expert guidance from Jeremy Druin.

Add to list

10 Lesons

34 minutes

On-Demand

Free-Video

Lessons Learned from a OWASP Top 10 Datacall

Explore insights from OWASP Top 10 Datacall, covering attribution, tools vs. humans, tech complexity, survey results, and vulnerability patterns for improved application security.

Add to list

21 Lesons

54 minutes

On-Demand

Free-Video

Spring I/O

Securing RESTful Services with Spring HATEOAS and HDIV

Innovative approach to automate protection of Spring HATEOAS services against OWASP Top 10 security risks, integrating Spring HATEOAS with Hdiv security framework for RESTful service security.

Add to list

11 Lesons

57 minutes

On-Demand

Free-Video

Spring I/O

From OWASP Top 10 to Secure Applications

Comprehensive overview of OWASP standards and practical security implementations for Spring applications, covering injection, access control, and various protection tools.

Add to list

22 Lesons

43 minutes

On-Demand

Free-Video

ACCU Conference

Common Webapp Vulnerabilities and What to Do About Them

Explore common web app vulnerabilities and practical mitigations based on the OWASP Top 10 List, focusing on injection attacks, authentication issues, and data exposure risks.

Add to list

15 Lesons

1 hour 30 minutes

On-Demand

Free-Video

Gopher Academy

Secure Coding in Go - Avoiding Common Vulnerabilities

Learn secure coding practices in Go, focusing on common vulnerabilities like injections and XSS. Discover best practices, encryption basics, and proactive security measures for robust application development.

Add to list

32 Lesons

38 minutes

On-Demand

Free-Video

NDC Conferences

Practical Security for Web Applications

Explore effective methods to identify and avoid common security pitfalls in web applications, covering OWASP Top 10, code analysis, threat avoidance, and secure authentication practices.

Add to list

36 Lesons

59 minutes

On-Demand

Free-Video

OWASP TOP 10 Security API 2023 for GraphQL - An Interactive Workshop for Developers

Master production-ready GraphQL security techniques with hands-on exercises, following OWASP TOP 10 API 2023 standards. Apply essential concepts in real-world scenarios using Learn.Escape.Tech platform.

Add to list

1 Lesons

25 minutes

On-Demand

Free-Video

Defending Cloud Native Apps Against the Serverless Top 10

Explore serverless security risks, map OWASP Top 10 to app layers, and learn practical defense strategies using open-source tools for cloud-native applications.

Add to list

1 Lesons

20 minutes

On-Demand

Free-Video

NDC Conferences

Introducing the OWASP Top 10 for Kubernetes

Explore Kubernetes security risks, including workload configurations, supply chain vulnerabilities, and RBAC issues. Learn mitigation strategies and best practices for securing containerized infrastructure.

Add to list

17 Lesons

51 minutes

On-Demand

Free-Video

OWASP Top 10 for Machine Learning Security - A Comprehensive Walkthrough

Explore OWASP's top 10 ML security vulnerabilities, gain insights into real-world examples, and learn actionable strategies for securing machine learning models and systems.

Add to list

11 Lesons

57 minutes

On-Demand

Free-Video

Linux Foundation

Harden Your Security Mindset - Breaking Down Critical Security Risks for Web Applications

Boost your IT career by learning key web app security risks, common pitfalls, and effective defense strategies. Gain insights to harden your security mindset and combat vulnerabilities.

Add to list

1 Lesons

1 hour 2 minutes

On-Demand

Free-Video

OWASP Top 10 Security Risks for LLMs - Code Examples and Mitigation Strategies