
Security Application Security Course

enki-hq edited this page May 18, 2020 · 2 revisions

Application Security Course Overview

Content

Below you can find the ordered content of the topic, in a linear progression.

The linear progression of content aims to cover all content, course by course, workout by workout as follows:

  • the first course is the only core one, denoted by its manifest
  • the next course is denoted by the first item of the next array in each course manifest
  • each course has its order of workouts designated by the sections field in the same manifest

1. intro

Insights:

no name content aspects standards PQ RQ Quiz done
1 what-is-appsec 👶 introduction
2 why-appsec 👶 introduction
3 owasp 👶 introduction
4 automated-tools 👶 introduction
5 what-else-do-you-need-to-know 👶 introduction

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 introducing-the-osi-model 👶 introduction
2 identifying-the-physical-layer 👶 introduction
💪 workout
3 identifying-the-network-layer 👶 introduction
💪 workout
4 identifying-the-application-layer 👶 introduction
💪 workout

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

3. osi-ii

Insights:

no name content aspects standards PQ RQ Quiz done
1 identifying-the-data-link-layer 👶 introduction
💪 workout
2 identifying-the-transport-layer 👶 introduction
3 identifying-the-session-layer 👶 introduction
💪 workout
4 identifying-the-presentation-layer 👶 introduction
💪 workout

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 securing-the-physical-layer 👶 introduction
💪 workout
2 securing-the-data-link-layer 👶 introduction
💪 workout
3 securing-the-network-layer 👶 introduction
💪 workout
4 securing-the-transport-layer 👶 introduction

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 securing-the-session-layer 👶 introduction
💪 workout
2 securing-the-presentation-layer 👶 introduction
💪 workout
3 securing-the-application-layer 👶 introduction
💪 workout

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

6. xss

Insights:

no name content aspects standards PQ RQ Quiz done
1 xss-introduction 👶 introduction
💪 workout
xss.1: 10
2 detect-xss 👶 introduction
💪 workout
xss.0: 10
xss.1: 10
xss.2: 10
xss.5: 10
3 mitigate-xss 👶 introduction
💪 workout
xss.3: 10
xss.4: 10
xss.6: 10
xss.7: 10

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

7. xxe

Insights:

no name content aspects standards PQ RQ Quiz done
1 xxe-introduction 👶 introduction
💪 workout
xxe.0: 10
2 detect-xxe 👶 introduction
💪 workout
xxe.0: 10
xxe.1: 10
3 xxe-prevention 👶 introduction
💪 workout
xxe.2: 10
4 xxe-security 👶 introduction
💪 workout
xxe.0: 10
xxe.2: 10

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 sql-injection 👶 introduction
💪 workout
sql-injection.0: 10
sql-injection.4: 10
2 identify-sql-injection 👶 introduction
💪 workout
sql-injection.0: 10
sql-injection.4: 10
3 mitigate-sql-injection-attacks 👶 introduction
💪 workout
sql-injection.1: 10
sql-injection.2: 10
sql-injection.5: 10
4 other-forms-of-injection-attacks 👶 introduction
💪 workout
sql-injection.3: 10

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 deserialization 👶 introduction
💪 workout
insecure-deserialization.0: 10
2 identify-deserialization 👶 introduction
💪 workout
insecure-deserialization.0: 10
insecure-deserialization.1: 10
3 mitigate-deserialization 👶 introduction
💪 workout
insecure-deserialization.2: 10
4 tokens 👶 introduction
💪 workout
insecure-deserialization.2: 10

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 known-vulnerabilities 👶 introduction
✨ new
💪 workout
🦑 deep
analyze-dependencies.0: 10
analyze-dependencies.1: 10
2 analyze-dependencies 👶 introduction
✨ new
💪 workout
🦑 deep
analyze-dependencies.1: 10
3 scan-dependencies 👶 introduction
✨ new
💪 workout
🦑 deep
analyze-dependencies.1: 20
4 establish-upgrade-process 👶 introduction
✨ new
💪 workout
🦑 deep
analyze-dependencies.2: 10
security-feed.1: 10
automated-tools.1: 10
5 upgrade-process-cadence 👶 introduction
✨ new
💪 workout
🦑 deep
analyze-dependencies.2: 10

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 broken-access-control 👶 introduction
✨ new
💪 workout
🦑 deep
broken-access-control.3: 10
2 identify-broken-access-control 👶 introduction
💪 workout
🦑 deep
broken-access-control.1: 10
broken-access-control.2: 10
3 fix-broken-access-control 👶 introduction
💪 workout
🦑 deep
broken-access-control.3: 10
4 monitor-broken-access-control 👶 introduction
💪 workout
🦑 deep
broken-access-control.3: 10
broken-access-control.4: 10
5 process-control-broken-access-control 👶 introduction
💪 workout
🦑 deep
🔮 obscura
broken-access-control.0: 10
broken-access-control.1: 10
broken-access-control.3: 10

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Insights:

no name content aspects standards PQ RQ Quiz done
1 security-misconfiguration 👶 introduction
💪 workout
configure-security.0: 10
2 identify-security-misconfiguration 👶 introduction
💪 workout
🦑 deep
configure-security.0: 10
configure-security.1: 10
configure-security.2: 10
configure-security.3: 10
3 check-defaults 👶 introduction
configure-security.1: 10
configure-security.3: 10
4 use-automated-scanners 👶 introduction
✨ new
💪 workout
🦑 deep
configure-security.0: 10
configure-security.5: 10
automated-tools.1: 10
5 process-control-security-configuration 👶 introduction
✨ new
💪 workout
🦑 deep
configure-security.4: 10
configure-security.1: 10
configure-security.2: 10
configure-security.5: 10
6 cloud-security-configuration 👶 introduction
✨ new
💪 workout
🦑 deep
🔮 obscura
configure-security.4: 10
configure-security.1: 10
configure-security.2: 10

Exercises:

⚠️ There are no insights in this workout.

Game:

⚠️ There is no game in this workout.

Standards

✅ - At least one insight covers this

❌ - Nothing covers this

🛠️ - This standard has no objectives yet

❌ Describe the 7 Layers of the OSI Network Model

  1. ❌ Arrange the 7 OSI Layers by level of Abstraction
  2. ❌ Describe the purpose of the OSI model

❌ Identify Each Layer of the OSI Network Model

  1. ❌ Identify and Explain the function of the Physical Layer
  2. ❌ Identify and Explain the function of the Data Link Layer
  3. ❌ Identify and Explain the function of the Network Layer
  4. ❌ Identify and Explain the function of the Transport Layer
  5. ❌ Identify and Explain the function of the Session Layer
  6. ❌ Identify and Explain the function of the Presentation Layer
  7. ❌ Identify and Explain the function of the Application Layer

❌ Apply the Appropriate Controls to Minimize Vulnerability in Each Layer

  1. ❌ Recognize vulnerabilities to the Physical Layer and Apply controls
  2. ❌ Recognize vulnerabilities to the Data Link Layer and Apply controls
  3. ❌ Recognize vulnerabilities to the Network Layer and Apply controls
  4. ❌ Recognize vulnerabilities to the Transport Layer and Apply controls
  5. ❌ Recognize vulnerabilities to the Session Layer and Apply controls
  6. ❌ Recognize vulnerabilities to the Presentation Layer and Apply controls
  7. ❌ Recognize vulnerabilities to the Application Layer and Apply controls

✅ Identify vulnerability to and mitigate SQL Injection Attacks

  1. ✅ Identify SQL injection risks
  2. ✅ Mitigate SQL injection risks using parameters
  3. ✅ Mitigate injection risks using whitelists
  4. ✅ Distinguish between the limitations of SQL Injection mitigation strategies
  5. ✅ Demonstrate a SQL injection attack using parameter manipulation
  6. ✅ Recognize SQL injection vulnerabilities in ORMs & other frameworks

✅ Identify vulnerability to and mitigate XSS attacks

  1. ✅ Identify reflection based XSS vectors
  2. ✅ Identify DOM based XSS vectors
  3. ✅ Identify stored XSS vectors
  4. ✅ Mitigate XSS using encoding & escaping un trusted input
  5. ✅ Mitigate XSS using sanitization techniques
  6. ✅ Test for XSS attacks
  7. ✅ Mitigate XSS attacks using CSP
  8. ✅ Identify common XSS filter circumvention techniques

✅ Identify and prevent vulnerability to XML External Entity Attacks

  1. ✅ Evaluate an application for XML-based attacks using automated tools (such as SAST analyzers)
  2. ✅ Evaluate an application's dependency graph for vulnerable packages and processing methods
  3. ✅ Facilitate change management by creating recommended upgrade paths for developers

✅ Evaluate source code for vulnerabilities to insecure deserialization

  1. ✅ Identify instances of insecure deserialization in source code
  2. ✅ Apply logging and monitoring to deserialization
  3. ✅ Apply industry-standard best practices to mitigate deserialization attack vectors

❌ Identify and protect sensitive data

  1. ❌ Distinguish between sensitive and non-sensitive data categories
  2. ❌ Apply data-specific controls according to regulation or best practices
  3. ❌ Encrypt all sensitive data
  4. ❌ Configure caches not to store sensitive data
  5. ❌ Use up-to-date cryptographic algorithms and techniques

❌ Evaluate an access control scheme for attack vectors and prevent them

  1. ❌ Evaluate authentication forms for automated attack vectors
  2. ❌ Evaluate the credential recovery process for attack vectors
  3. ❌ Evaluate the credential storage scheme for weaknesses
  4. ❌ Evaluate the session layer for session-based attack vectors
  5. ❌ Apply logging and monitoring to authentication schemes

✅ Analyze and report on an application's access control vulnerabilities

  1. ✅ Use an automated tool to evaluate an application's currently implemented access control scheme
  2. ✅ Create a report that lists access points that are not properly access controlled
  3. ✅ Evaluate an application for inappropriate elevation of privilege attack vectors
  4. ✅ Apply current industry best practices to mitigate future access control vulnerability
  5. ✅ Apply logging and monitoring to access-controlled resources

✅ Analyze a given application for common security configuration errors and correct them

  1. ✅ Evaluate the application's default configuration across each part of the stack
  2. ✅ Change all default logins, passwords, and ports
  3. ✅ Disable verbose error reporting and stack trace leakage
  4. ✅ Ensure software is updated to the current Most Secure version
  5. ✅ Review cloud configurations, including service availability, access control and authentication
  6. ✅ Establish a review cadence that is appropriate to the level of risk

✅ Analyze project dependencies to find identified vulnerabilities

  1. ✅ Identify the dependencies of an application, including their specific version number
  2. ✅ Analyze a project's dependencies for security vulnerabilities using an analysis tool
  3. ✅ Mitigate security vulnerabilities by upgrading vulnerable packages uncovered with an analysis tool

❌ Use community-sourced lists of vulnerability and mitigation techniques to advance your security practice

  1. ❌ Identify relevant news sources that discuss vulnerabilities and mitigation strategies in detail
  2. ✅ Identify relevant communities that participate in vulnerability research and mitigation
  3. ❌ Identify relevant events to participate in the application security industry

❌ Use automated tools to scan for vulnerabilities

  1. ❌ Use a network monitoring tool to detect vulnerable network devices
  2. ✅ Use a vulnerability scanner to scan for common application vulnerabilities
  3. ❌ Use a cracking tool to thwart cryptographic security measures

Aspects

Given the insights are tagged with aspects, we can filter over the linear content progression and create learning sub-paths.

These sub-path progressions will most likely not cover all content, but they will ensure and enforce a unified learning experience, tailored to the user's wishes.

For example, a user might be interested in new additions and updates to a language rather than introductory lessons. Note that these sub-paths don't take games into consideration.

👶 Introduction

If you are being introduced to the topic for the first time.

Insights:

  1. what-is-appsec
  2. why-appsec
  3. owasp
  4. automated-tools
  5. what-else-do-you-need-to-know
  6. introducing-the-osi-model
  7. identifying-the-physical-layer
  8. identifying-the-network-layer
  9. identifying-the-application-layer
  10. identifying-the-data-link-layer
  11. identifying-the-transport-layer
  12. identifying-the-session-layer
  13. identifying-the-presentation-layer
  14. securing-the-physical-layer
  15. securing-the-data-link-layer
  16. securing-the-network-layer
  17. securing-the-transport-layer
  18. securing-the-session-layer
  19. securing-the-presentation-layer
  20. securing-the-application-layer
  21. xss-introduction
  22. detect-xss
  23. mitigate-xss
  24. xxe-introduction
  25. detect-xxe
  26. xxe-prevention
  27. xxe-security
  28. sql-injection
  29. identify-sql-injection
  30. mitigate-sql-injection-attacks
  31. other-forms-of-injection-attacks
  32. deserialization
  33. identify-deserialization
  34. mitigate-deserialization
  35. tokens
  36. known-vulnerabilities
  37. analyze-dependencies
  38. scan-dependencies
  39. establish-upgrade-process
  40. upgrade-process-cadence
  41. broken-access-control
  42. identify-broken-access-control
  43. fix-broken-access-control
  44. monitor-broken-access-control
  45. process-control-broken-access-control
  46. security-misconfiguration
  47. identify-security-misconfiguration
  48. check-defaults
  49. use-automated-scanners
  50. process-control-security-configuration
  51. cloud-security-configuration

⚠️ There are no exercises tagged with this aspect in appsec.

⚠️ There are no games tagged with this aspect in appsec.

💪 Workout

Theory put into practice/that’s how you achieve X points

Insights:

  1. identifying-the-physical-layer
  2. identifying-the-network-layer
  3. identifying-the-application-layer
  4. identifying-the-data-link-layer
  5. identifying-the-session-layer
  6. identifying-the-presentation-layer
  7. securing-the-physical-layer
  8. securing-the-data-link-layer
  9. securing-the-network-layer
  10. securing-the-session-layer
  11. securing-the-presentation-layer
  12. securing-the-application-layer
  13. xss-introduction
  14. detect-xss
  15. mitigate-xss
  16. xxe-introduction
  17. detect-xxe
  18. xxe-prevention
  19. xxe-security
  20. sql-injection
  21. identify-sql-injection
  22. mitigate-sql-injection-attacks
  23. other-forms-of-injection-attacks
  24. deserialization
  25. identify-deserialization
  26. mitigate-deserialization
  27. tokens
  28. known-vulnerabilities
  29. analyze-dependencies
  30. scan-dependencies
  31. establish-upgrade-process
  32. upgrade-process-cadence
  33. broken-access-control
  34. identify-broken-access-control
  35. fix-broken-access-control
  36. monitor-broken-access-control
  37. process-control-broken-access-control
  38. security-misconfiguration
  39. identify-security-misconfiguration
  40. use-automated-scanners
  41. process-control-security-configuration
  42. cloud-security-configuration

⚠️ There are no exercises tagged with this aspect in appsec.

⚠️ There are no games tagged with this aspect in appsec.

🦑 Deep

Prerequisite knowledge consisting of 2 or more 👶/💪 workouts.

Insights:

  1. known-vulnerabilities
  2. analyze-dependencies
  3. scan-dependencies
  4. establish-upgrade-process
  5. upgrade-process-cadence
  6. broken-access-control
  7. identify-broken-access-control
  8. fix-broken-access-control
  9. monitor-broken-access-control
  10. process-control-broken-access-control
  11. identify-security-misconfiguration
  12. use-automated-scanners
  13. process-control-security-configuration
  14. cloud-security-configuration

⚠️ There are no exercises tagged with this aspect in appsec.

⚠️ There are no games tagged with this aspect in appsec.

✨ New

Recently added feature, or one that has gained traction.

Insights:

  1. known-vulnerabilities
  2. analyze-dependencies
  3. scan-dependencies
  4. establish-upgrade-process
  5. upgrade-process-cadence
  6. broken-access-control
  7. use-automated-scanners
  8. process-control-security-configuration
  9. cloud-security-configuration

⚠️ There are no exercises tagged with this aspect in appsec.

⚠️ There are no games tagged with this aspect in appsec.

🔮 Obscura

Stories and obscure details that don't specifically relate to a learning objective.

Insights:

  1. process-control-broken-access-control
  2. cloud-security-configuration

⚠️ There are no exercises tagged with this aspect in appsec.

⚠️ There are no games tagged with this aspect in appsec.

✅ All content has been tagged with aspects.
