A number of high-level security controls, such as web application firewalls and secure coding practices, go a long way toward securing web applications. In this 10-video course, learners can explore vulnerability scanning and penetration testing tools and procedures. Key concepts covered in this course include learning to adhere to secure coding guidelines at all phases of the SDLC; how a web application firewall is much more of an in-depth solution for web application security than a traditional firewall; and how to configure a web application firewall for a Microsoft Azure web application. Next, learn why malicious users and ethical hackers perform network and vulnerability scans; the importance of conducting periodic penetration tests with the goal of exploiting vulnerabilities to determine risk; and how to perform a network scan by using Nmap, which identifies devices on the network. Conclude by observing how to perform a vulnerability scan using Nessus and how to test the security of a web application with OWASP ZAP.
OWASP: Web Application Security