Company: Pluralsight Author: Peter Mosmans Full Title: Secure Coding: Using Components With Known Vulnerabilities Year: 2019 Language: English Genre: Educational: Security Skill Level: Intermediate Price: - - Files: MP4 (+ Slides .PDF) Time: 01:13:25 Video: AVC, 1280 x 720 (1.778) at 30.000 fps, 200 kbps Audio: AAC at 96 Kbps, 2 channels, 44.1 KHz This course explains the risk of using components with known vulnerabilities. It outlines tools and strategies to reduce the overall risk. The course also discusses several methods to enhance the overall security when using third party components. Do you know if old components you are using are up to date, or contain published vulnerabilities? This course teaches you all about how to reduce the risk when using third-party components. First, you will learn about how to combine the abundance of open source software and component re-use. Next, you will discover how to achieve faster time to market with a plethora of languages, frameworks and package managers. Finally, you will learn about the patch management process. By the end of this course, you will know how to take a methodical approach towards reducing the risk, from installation and versioning all the way to virtual patching and software composition analysis. Lessons: 1. Course Overview 01. Course Overview 2. Using Components with Known Vulnerabilities 02. Course and Module Introduction 03. Demo: Finding Exploitable Components 04. What Is Using Components with Known Vulnerabilities? 05. OWASP Top 10 2017 and Using Components with Known Vulnerabilities 06. Software Life Cycle 07. Module Summary 3. Managing Unsupported or Out-of-date Commercial Software 08. Module Introduction 09. Common Platform Enumeration (CPE) 10. Finding Published Vulnerabilities 11. Virtual Patching 12. Demo: Finding Vulnerabilities and Creating a Virtual Patch 13. Trust When Installing or Updating Components 14. Demo: Secure Installation of Node.js 15. Module Summary 4. Managing Bespoke Software That Uses Third Party Libraries 16. Module Introduction 17. Versioning 18. Software Composition Analysis 19. Automatically Mapping Software Versions against Vulnerabilities 20. Demo: Automatically Mapping Software Versions against Vulnerabilities 21. Module Summary 5. Patch Management Process 22. Module Introduction 23. Hardening 24. Patch Management Process 25. Module and Course Summary Our members see more. Join us! ------------- Our members see more. Join us!