This online training course is an introduction to securing applications written in Python, a dynamic language popular for web development, IT security, big data, science, and scripting. The course covers how to use Bandit, how to implement Flask-Security, how XSS and CSRF attacks work, security in the app's APIs, and more!
SKILLS LEARNED
After completing this online training course, students will be able to:
Overview of course and course-level learning objectives
Quick overview of some common concepts and resources for securing your app
Learn how to use Bandit to detect potential security issues in your Python code
Understand how to implement the Flask-Security package
Understand the risk of XSS and how to mitigate this in your Flask app
Understand how CSRF attacks work and how to mitigate them in your Flask app
Understand how SQL injection works and how to mitigate in your app
Explore the various HTTP headers that allow an application to work with the browser to control security
Improve the security of our app using what we’ve learned
Increase security of our app using what we’ve learned
Increase security in the app's APIs
Explain and fix all detected issues using the Bandit package
Learn about various types of input injections
Understand why we only use asserts to communicate with other developers, and never for production evaluations
Understand how to securely parse yaml data in your app
WHO SHOULD ATTEND
This online training course is for anyone looking to properly secure their Python applications.
PREREQUISITES
None, but we recommend that students either attend Python Foundations or have equivalent Python experience.
COURSE OUTLINE
- What is App security?
- Why do we care about app security?
- OWASP
- SSL/TLS
- Hacking tools repository
- Session based Autho
- What is Bandit?
- Installing the Bandit package
- Bandit options and configs
- Running Bandit against our code
- What is Flask-Security?
- Session based auth
- Password hashing
- What is XSS?
- How can XSS be used to exploit apps?
- XSS prevention
- What is CSRF?
- Mitigating CSRF in Flask Apps
- What is SQL injection?
- Is SQL injection common?
- Mitigation
- HSTS
- CSP
- X-Content-Type-Options
- X-Frame-Options
- X-XSS-Protection
- Set-Cookie options
- Improve user authentication
- Improve DB data storage
- Explore data encryption options
- API authentication
- Managing API users
- Explain and fix all detected issues using the Bandit package
- What is input injection?
- Mitigation
- What is assert?
- Why are asserts dangerous?
- What is yaml.load?
- Potential dangers in using yaml.load