PLU | Secure Coding: Using Components With Known Vulnerabilities (2019 EN)

Discussion in 'Information Technology' started by Kanka, Jul 28, 2019.

  1. Kanka

    Kanka Well-Known Member Loyal User

    Messages:
    16,086
    Likes Received:
    446
    Trophy Points:
    83
    [​IMG]

    Company: Pluralsight
    Author: Peter Mosmans
    Full Title: Secure Coding: Using Components With Known Vulnerabilities
    Year: 2019
    Language: English
    Genre: Educational: Security
    Skill Level: Intermediate
    Price: -
    -
    Files: MP4 (+ Slides .PDF)
    Time: 01:13:25
    Video: AVC, 1280 x 720 (1.778) at 30.000 fps, 200 kbps
    Audio: AAC at 96 Kbps, 2 channels, 44.1 KHz



    This course explains the risk of using components with known vulnerabilities. It outlines tools and strategies to reduce the overall risk. The course also discusses several methods to enhance the overall security when using third party components.

    Do you know if old components you are using are up to date, or contain published vulnerabilities? This course teaches you all about how to reduce the risk when using third-party components. First, you will learn about how to combine the abundance of open source software and component re-use. Next, you will discover how to achieve faster time to market with a plethora of languages, frameworks and package managers. Finally, you will learn about the patch management process. By the end of this course, you will know how to take a methodical approach towards reducing the risk, from installation and versioning all the way to virtual patching and software composition analysis.


    Lessons:
    1. Course Overview
    01. Course Overview
    2. Using Components with Known Vulnerabilities
    02. Course and Module Introduction
    03. Demo: Finding Exploitable Components
    04. What Is Using Components with Known Vulnerabilities?
    05. OWASP Top 10 2017 and Using Components with Known Vulnerabilities
    06. Software Life Cycle
    07. Module Summary
    3. Managing Unsupported or Out-of-date Commercial Software
    08. Module Introduction
    09. Common Platform Enumeration (CPE)
    10. Finding Published Vulnerabilities
    11. Virtual Patching
    12. Demo: Finding Vulnerabilities and Creating a Virtual Patch
    13. Trust When Installing or Updating Components
    14. Demo: Secure Installation of Node.js
    15. Module Summary
    4. Managing Bespoke Software That Uses Third Party Libraries
    16. Module Introduction
    17. Versioning
    18. Software Composition Analysis
    19. Automatically Mapping Software Versions against Vulnerabilities
    20. Demo: Automatically Mapping Software Versions against Vulnerabilities
    21. Module Summary
    5. Patch Management Process
    22. Module Introduction
    23. Hardening
    24. Patch Management Process
    25. Module and Course Summary


    -------------