📘 Chapter 12 – Secure Applications CompTIA Security (SY0-701) | CJUS 314 – Cybersecurity | Mount St. Mary’s University Instructor: Prof. Alex O. Akpodiete Atawa AI – Building Trustworthy AI for a Diverse World This video covers Chapter 12: Secure Applications, a major component of the Security (SY0-701) exam and a fundamental skillset for cybersecurity and digital forensics students. We explore how attackers exploit web, API, and software vulnerabilities—and the security principles needed to design, test, and deploy secure applications. 🌐 What You’ll Learn (Mapped to SY0-701 Objectives) 1️⃣ Application Vulnerabilities & Exploits ✔ OWASP Top 10 vulnerabilities (injection, XSS, broken auth, misconfiguration, XXE, etc.) Chapter 12 - Secure applications ✔ Buffer & integer overflow, race conditions (TOCTOU), memory issues ✔ API attacks, malicious updates, resource exhaustion ✔ SQL injection attack techniques & defenses (pages 17–20) ✔ Client-side attacks: XSS, cookies, browser add-ons (page 23) 2️⃣ Secure Development & DevSecOps ✔ Secure SDLC: initiation → development → implementation → operations → disposal ✔ Secure design principles (OWASP): trust nothing by default, defense-in-depth, least privilege ✔ Secure coding: input validation/sanitization, error handling, cryptography ✔ Strong session management, cookie flags, secure session IDs (page 43–44) ✔ Software assurance and secure supply-chain practices 3️⃣ Application Testing & Hardening ✔ SAST, DAST, fuzzing (page 47–51) ✔ Sandboxing and isolated testing environments ✔ Third-party library risks ✔ Hardening applications before and after deployment Why This Chapter Matters Secure applications form the backbone of modern cybersecurity. Understanding how apps break—and how to secure them—is essential for: Security SY0-701 success SOC, IR, or penetration testing careers Secure development & DevSecOps roles Cloud and API security work 📌 Connect LinkedIn: linkedin.com/in/alexakpodiet… Email: Training@Atawa.ai Atawa AI – Building Trustworthy AI for a Diverse World #securityplus #SY0701 #secureapplications #OWASP #sqlinjection #xss #cybersecuritytraining #CJUS314 #MSMU #AtawaAI #devsecops #infosec #applicationsecurity

🔒 Learn how OWASP principles help secure web and API apps! Our blog covers the OWASP Top Ten, risk framework, and how Payara Server Enterprise aligns with these standards. 📖 Read now: tinyurl.com/nd22s2md #OWASP #AppSec #SecureApplications

Laravel Development Services pearlorganisation.com #LaravelDevelopment #WebDevelopment #PHP #TechSolutions #CustomApplications #WebDesign #ScalableSolutions #SecureApplications #DigitalTransformation #TechInnovation #pearl_organisation #Dehradun #Uttrakhand #ITservices

Laravel Development Services pearlorganisation.com #LaravelDevelopment #WebDevelopment #PHP #TechSolutions #CustomApplications #WebDesign #ScalableSolutions #SecureApplications #DigitalTransformation #TechInnovation #pearl_organisation #Dehradun #Uttrakhand #ITservices

Are you looking for Java developers to work on your next project? Contact Us- bit.ly/3r53y7c - - - #JavaDevelopment #SecureApplications #Agile #UIUX #Clients #SoftwareDevelopment #CodeQuality #TechSolutions #TimelyDelivery #Programming #Packages #Support #Business

Test your low-code applications thoroughly to ensure they meet performance and security standards. #ThoroughTesting #SecureApplications #AppSecurity #PerformanceMatters #TestYourCode #QualityAssurance

Don't miss @codynamorph at #LambdaConf2024 as he unveils the power of fully homomorphic encryption (FHE)! Discover how FHE ensures privacy while enabling computation on encrypted data. Join now: buff.ly/3wbaG7U #DataPrivacy #AppDevelopment #SecureApplications #Rust

Karak Network: Accelerating the New Internet! Karak is a Layer 2 Risk Management Blockchain that offers modular security, supports re-staking, artificial intelligence, and next-generation secure applications.#Karak #Blockchain #Web3 #ArtificialIntelligence #SecureApplications

I’m happy to share that I’m starting a new position as Research Scientist at #VTT as an #ERCIM Fellow! I'll be working with my Scientific Supervisor - #NikolaosPapakonstantinou in the Cybersecurity Team. #cybersecurity #research #secureapplications #secureinfrastructure

Cloud Migration is a process whereby an organization's digital assets, resources and services or applications are deployed in the cloud. Visit Our Website quadsel.in Call us on 91 98410 16631 #quadsel #cloud #cloudmigration #secureapplications

You MUST have a podcast about $PAC - find out about all the #Web3Utility they are building behind the scenes. True #DecentralisedNetwork with #Private #SecureApplications #OwnYourData #PACprotocol

#TechBlog #SecurityWatch #SecurityNews #securitybreach #mobilephone #applestore #securityawareness #securitytips #mobiledevelopment #cybersecurity #cyberattack #cybercrime #cybersec #cybersecuritythreats #cybersecuritytips #Secureapplications #malwareattack

None of the existing cryptographic functions is ideal, but they must be very close to it. The main quality criteria of every cryptographic hash function are how close/far to the ideal one they are. #Secureapplications #Hashing #HashingAlgorithm #Cryptography #HashFunction

Join our upcoming webinar with Nenne Adaora (Adora) Nwodo, Software Engineer, Microsoft Mixed Reality, on March 30, 2021, where she will discuss how to design #secureapplications in the cloud. Click here to register now: ow.ly/Iq8N50E4GCb #webinar #eccouncil

Join our free webinar with Nenne Adaora (Adora) Nwodo, Software Engineer, Microsoft Mixed Reality, on March 30, 2021, and learn how to design #secureapplications in the cloud. Click here to register now: ow.ly/vumo50E4Gos

Data breach has become the new normal. It has become everyday news and very little is done to secure data. Is it so difficult to built in design secure applications that protect data? #databreach #security #cyberattacks #secureapplications #securitynews scmp.com/news/hong-kong/educ…

Virsec Live Stream CyberSecurity NP Panel Discussion Starts in 3 minutes! Securing Your Applications in a DevOps World; Join Virsec's CSA Frank Walsh & others. Free panel discussion, Streaming now buff.ly/31ByPzt #CSNP #SecureApplications #SecureDevOps

Don't miss 10/22 Live-Stream CyberSecurity NP Panel Discussion - Securing Your Applications in a DevOps World; Join Virsec's CSA Frank Walsh & others. Free panel discussion, streamed fm 6:30-8:00pm. Register now! buff.ly/31ByPzt #CSNP #SecureApplications #SecureDevOps

Tanner Prynn makes your life a bit easier when it comes to #Frida giving tips and tricks that other documentation doesn't cover - click to read on @NCCGroupInfoSec #android #javascript #secureapplications #appsec #java bit.ly/2Z39SMW

Tanner Prynn makes your life a bit easier when it comes to #Frida giving tips and tricks that other documentation doesn't cover - click to read on @NCCGroupInfoSec #android #javascript #secureapplications #appsec #java bit.ly/2G8KeyE