1. Introduction
1.1. Secure Development Lifecycle
2. 7 (+1) Kingdoms of Software Security Errors
2.1. Input Validation
2.2. API Abuse
2.3. Security Features
2.4. Time and State
2.5. Error Handling
2.6. Code Quality
2.7. Encapsulation
2.8. (*) Environment
3. Web App Security Testing
3.1. SQL Injection
3.2. OS Command Injection
3.3. JSON/XML Injection
3.4. Broken Authentication and Session Management
3.5. Broken Access Control
3.6. Cross-Site Request Forgery (CSRF)
3.7. Web Application Vulnerability Scanners vs Static Code Analysis
4. Buffer Overflows and Race Conditions
5. Fundamental Security Principles
6. Java Security
7. Developing Secure Traditional Web Applications (JSF)
8. Developing Secure Modern Web Applications
9. Security Requirements Engineering and Threat Modeling
10. Security Risk Analysis
Software Security 1
Web Application Vulnerability Scanners vs Static Code Analysis Tools