Web Security will look at a number of aspects of web security, with a focus on the OWASP Top 10 vulnerabilities list from 2017 (this is the current industry standard). The subject is intended to mix theory and application, as well as examining real-world case studies of vulnerabilities. The subject aims to develop an awareness of the vulnerabilities that a web application is likely to face, and an understanding of the types of mitigation strategies that can be deployed. We will stress heavily on the practical aspect of every vulnerability.
Identify common attack vectors Discuss mitigation strategies for common attack vectors Develop appropriate input validation and data sanitisation strategies Compare software updating strategies and their effectiveness at mitigating software vulnerabilities Explain the importance of correctly configuring software Critique options for vulnerability disclosure and the associated ethical challenges