Web App Vulnerabilities – DevSecOps Course for Beginners



In this DevSecOps course, you will learn how to take advantage of common web vulnerabilities, how to fix those vulnerabilities, and how to use DevSecOps tools to make sure your applications (and containers) are secure. You will also learn all about DevSecOps.

💻 Get the goof example app shown in this course: https://github.com/snyk/goof

🎉 Thanks to Snyk for providing a grant that made this course possible.

🔗 Sign up for Snyk: https://snyk.io/try-devsecops
🔗 Learn more about DevSecOps: https://learn.snyk.io/

✏️ Beau Carnes developed this course.

✏️ Eric Smalling teaches the last section of the course about securing containers. Eric is a Senior Developer Advocate at Snyk.io and has over 30 years of enterprise application development and consulting experience.
🔗 Eric is @ericsmalling on most social platforms (Twitter, LinkedIn, GitHub)

⭐️ Course Contents ⭐️
⌨️ (00:00:00) Introduction
⌨️ (00:00:29) What is DevSecOps?
⌨️ (00:01:12) Vulnerabilities
⌨️ (00:08:11) DevOps vs DevSecOps
⌨️ (00:14:02) Software Project Iceberg
⌨️ (00:15:25) Importance of DevSecOps
⌨️ (00:17:45) Exploiting Common Web App Vulnerabilities
⌨️ (00:37:53) Finding and Fixing Vulnerabilities with Snyk Code
⌨️ (00:49:01) Exploring Vulnerabilities Using the Snyk Web Interface
⌨️ (00:52:22) Securing Containers (featuring Eric Smalling)
⌨️ (01:28:31) Conclusion

🎉 Thanks to our Champion and Sponsor supporters:
👾 Raymond Odero
👾 Agustín Kussrow
👾 aldo ferretti
👾 Otis Morgan
👾 DeezMaster

Learn to code for free and get a developer job: https://www.freecodecamp.org

Read hundreds of articles on programming: https://freecodecamp.org/news

And subscribe for new videos on technology every day: https://youtube.com/subscription_center?add_user=freecodecamp

source

This Post Has 35 Comments

  1. Le Théoricien

    Bad quality content, as usual. 1h28 to install & run snyk.
    Doing DevSecOps as Security Engineer is to automate fxcking everything, not just use snyk, it's not a course for beginners, it's a course for neophytes.

  2. SHOAIB ALI

    Hello
    i am involved in a problem can any one help me
    i want to make a browser i have learnt c++ and C# as a beigner programmer
    anyone can guide me how and from where i start to build browser
    which things i need to learn. which things are required to make browser

  3. Justin Beam

    I wish every single security related video on youtube didnt involves a hoodie with the hood up

  4. Fancy Pants

    I understand less then 10% but it's so cool watching these people talk

  5. Htc Saj

    Is there any react js landing page for business website with basic CSS.

  6. DOOM GRIFTER

    Finding targets is the main issue, I used to have a great scanner for finding exploitable machines called xscan but its too old now. All the good scanners these days always cost lots of money or scan very few machines when you need to scan ranges.

  7. SSNUTHIN

    I am finding it totally hilarious this went live so close to the Oracle vulnerability.

  8. Lisa LI

    This man seems so smart. I have followed him to finish a Mern stack project, but he keeps posting new tutorial video. How could he learn so fast ?

  9. I think that web app's security is often ignored when developing an app or introducing new features. I really enjoyed 'exploying vulnerabilities' part of the vide. Thanks for sharing your knowledge.

  10. Shreyas Rajanna

    Future job title devsecops-ceo-manager-investor-janitor-gardner 😂😂

  11. Taylor Robinson

    OMG, EXACTLY WHAT I NEEDED

    —————————————————–⏯Cliklink———————————————————-THE NEW VIDEOS SEX 🎬ⓉⓊⒷⒺⓈⒺⓍ🔞———————————————————————————————————————————————————————— MY 18+ PHOTOS HE RE 💜 👉 https://ok.me/OTFy?GB/HDRCam私のヌードセックス トップAVビデオに参加する ❤️

    ライブ配信の再編ありがとうです!この日のライブ配信は、かならりやばかったですね!1万人を超える人が見ていたもんね(笑)やっぱり人参最高!まさかのカメラ切り忘れでやら1かしたのもドキドキでした!今後は気を付けないとね. .

    !😉💝❤️#今後は気をライブ配信の再編ありがとうです#この日のライブ配信は#かならりやばかったですね#1万人を超える人が見ていたも

    ん(#笑#やっぱり人参最高#まさかのカメラ切り忘れでやら1かしたのもドキドキでした $

    #今後は気をライブ配信の再編ありがとうです#この日のライブ配信は、W #かならりやばかったですね! !

    #1万人を超える人が見ていたもん#笑#やっぱり人参最高%!

    #まさかのカメラ切り忘れでやら1かしたのもドキドキでした #垃圾W#再編ありがとうです#いたもん#笑)在整個人類歷史上,強者,富人和具有狡猾特質的人捕食部落,氏族,城鎮,城市和鄉村中的弱者,無'守和貧窮成員。然而,人類的生存意願迫使那sfdsd些被拒絕,被剝奪或摧毀的基本需求的人們找到了一種生活方式,並繼續將其DNA融入不斷發展的人類社會。. 說到食物,不要以為那些被拒絕的人只吃垃圾。相反,他們學會了在被忽視的肉類和蔬菜中尋找營養。他們學會了清潔,切塊,調味和慢燉慢燉的野菜和肉類,在食品`.

  12. Iyad Zain

    Nice Explanation but it will be more useful if you implement SecOps using open source tools.

  13. Dan P

    Hacking, step 1: buy a hoodie and have monitors scan the globe.

  14. Fernando Flores

    After flirting with the idea of entering this space, I've always felt the need to learn the techniques used to build better solutions. In fact, this is what crippled me when ever given the idea of pursuing development. I know keep it simple and readable, but because of how I think and function I just couldn't let this go to chance. My code needs to be at least somewhat secure or its just going to require rewriting. Can't wait to see what he does next. My guy, I'd love to ask for a path. I generally ask for direction only, but in this case with this much material, I could really use a plan.
    Recently took an interview with an unnamed company that I am ecstatic about and also ready to jump into a DevOps role where I would like to bring Security to the forefront.

  15. HOPE.

    ty 4 making this! wish for a more advanced follow-up to this

  16. Kanishka Naik

    Please make video on mean stack for 10 to 15 hours.. with multiple big projexts

  17. Gabriel

    bitcoin mining using a read only docker container ….?

  18. Brawl Box

    I just started to learning…Thnx a Lot for sharing knowledge…

  19. Mad Dutchess

    You rock, Beau. Thanks again. Keep up the great work.

  20. Safety Vest

    I'm just starting a MERN full stack but man I'm feeling like code camp is throwing me warp speed into new learning modules.

  21. Kim

    Where did you get your background? It is nice though

Leave a Reply