Web Application Security

本课程是 Microsoft Front-End Developer 专业证书的一部分

位教师： Microsoft

包含在 Coursera Plus 中

了解更多

4个模块

深入了解一个主题并学习基础知识。

初级等级

推荐体验

4 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

4个模块

深入了解一个主题并学习基础知识。

初级等级

推荐体验

4 周完成

在 10 小时一周

灵活的计划

自行安排学习进度

您将获得的技能

要了解的详细信息

可分享的证书

添加到您的领英档案

作业

32 任务¹

AI 评分请参见免责声明

授课语言：英语（English）

了解顶级公司的员工如何掌握热门技能

了解关于 Coursera for Business 的更多信息

Petrobras, TATA, Danone, Capgemini, P&G 和 L'Oreal 的徽标

积累 Mobile and Web Development 领域的专业知识

本课程是 Microsoft Front-End Developer 专业证书专项课程的一部分

在注册此课程时，您还会同时注册此专业证书。

向行业专家学习新概念
获得对主题或工具的基础理解
通过实践项目培养工作相关技能
通过 Microsoft 获得可共享的职业证书

该课程共有4个模块

This course covers essential web security concepts and secure coding practices. You’ll learn to identify common vulnerabilities, implement protection techniques, and leverage Microsoft Copilot to detect and fix security issues in web applications.

By the end of this program, you will be able to… Define common web application vulnerabilities and principles of secure coding. Explain the concepts and impacts of SQL injection, XSS, CSRF, input validation techniques, and best practices for authentication and authorization. Describe the importance of output encoding, sanitization, secure data storage, and transmission. Enhance the security of web applications with Microsoft Copilot to detect vulnerabilities, fix issues, and implement secure coding practices.

In this module, you will explore the most prevalent security vulnerabilities in web applications and their potential impact. You’ll learn how attacks such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) exploit security flaws, compromising data integrity and user privacy. Through real-world examples, you’ll analyze how these threats manifest and the consequences they can have on web applications. By the end of this module, you’ll have a deeper understanding of these vulnerabilities and the critical need for secure coding practices to mitigate risks.

涵盖的内容

25个视频12篇阅读材料10个作业1个非评分实验室1个插件

25个视频总计104分钟

Course Introduction: Web Application Security2分钟
Instructor Introduction2分钟
The What’s What of the Course3分钟
Completing the Guided Labs4分钟
Introducing the AI Tool: Microsoft Copilot2分钟
How to Be Successful in This Program4分钟
Introduction to the Capstone Project1分钟
Introduction: Common Vulnerabilities1分钟
Identifying Common Web Vulnerabilities4分钟
Practical Impact of Vulnerabilities3分钟
Comparing Vulnerabilities3分钟
How SQL Injection Works4分钟
Mitigating SQL Injection3分钟
Implementing SQL Injection Mitigation6分钟
How XSS Works3分钟
Mitigating XSS Vulnerabilities3分钟
XSS Exploitation and Mitigation in Action8分钟
How CSRF Works6分钟
Mitigating CSRF4分钟
Demonstrating CSRF Exploitation and Mitigation5分钟
SQL Injection Case Study5分钟
XXS Injection Case Study5分钟
CSRF Case Study4分钟
Analyzing and Mitigating Web Vulnerabilities6分钟
Conclusion: Common Vulnerabilities (e.g., SQL Injection, XSS, CSRF)1分钟

12篇阅读材料总计135分钟

Course Syllabus: Web Application Security5分钟
Completing the Guided Labs30分钟
Microsoft Tools for Front-End Development10分钟
Activity: Vulnerability Comparison Table - Answer Key10分钟
Overview of Common Web Application Vulnerabilities10分钟
Overview of Common Web Vulnerabilities10分钟
Activity: SQL Injection Mitigation Practice - Answer Key10分钟
Mitigating SQL Injection: Practical Strategies10分钟
Activity: Preventing XSS in a Sample Application - Answer Key10分钟
Mitigating XSS: Input Validation and Encoding10分钟
Activity: Implementing CSRF Prevention in a Web Application - Answer Key10分钟
You Try It! Analyzing and Mitigating Web Vulnerabilities - Answer Key10分钟

10个作业总计310分钟

Activity: Vulnerability Comparison Table30分钟
Practice Quiz: Introduction to Web Application Vulnerabilities25分钟
Activity: SQL Injection Mitigation Practice30分钟
Practice Quiz: SQL Injection30分钟
Activity: Preventing XSS in a Sample Application30分钟
Practice Quiz: Cross-Site Scripting (XSS)30分钟
Activity: Implementing CSRF Prevention in a Web Application30分钟
Practice Quiz: Cross-Site Request Forgery (CSRF)30分钟
Practice Quiz: Mitigating Web Vulnerabilities25分钟
Graded Quiz: Common Vulnerabilities (e.g., SQL Injection, XSS, CSRF)50分钟

1个非评分实验室总计60分钟

You Try It! Analyzing and Mitigating Web Vulnerabilities60分钟

1个插件总计15分钟

Guided Lab: Analyzing and Mitigating Web Vulnerabilities15分钟

In this module, you will learn the fundamental principles of secure coding and how they help protect web applications from common security threats. You'll explore techniques for input validation, output encoding, and data sanitization to prevent malicious attacks. Additionally, you’ll gain insight into best practices for authentication, authorization, and secure data storage and transmission. By the end of this module, you’ll understand how to implement security-focused development practices that strengthen application defenses and safeguard user data.

涵盖的内容

18个视频9篇阅读材料6个作业4个非评分实验室4个插件

18个视频总计78分钟

Introduction: Secure Coding Practices and Input Validation1分钟
Overview of Secure Coding Principles4分钟
Secure Development Lifecycle (SDL)3分钟
Types of Input Validation3分钟
Implementing Input Validation in Code8分钟
Implementing Input Validation in a Web Application - Guided Lab Video4分钟
Encoding Techniques3分钟
Implementing Encoding Techniques in Code5分钟
Sanitization Practices3分钟
Encoding and Sanitization in a Web Application - Guided Lab Video5分钟
Authentication Techniques3分钟
Authentication Techniques Passkeys3分钟
Authorization Techniques – Implementing Role-Based Access Control (RBAC)4分钟
Implementing Authentication and Authorization in a Web Application - Guided Lab Video9分钟
Encryption Techniques for Secure Data Storage3分钟
Secure Transmission With TLS/SSL Protocols4分钟
Secure Data Storage and Transmission in a Web Application - Guided Lab Video5分钟
Conclusion: Secure Coding Practices and Input Validation1分钟

9篇阅读材料总计90分钟

Foundations of Secure Coding: Key Principles and the SDL10分钟
You Try It! Implementing Input Validation in a Web Application - Answer Key10分钟
Practical Input Validation Techniques for Secure Web Applications10分钟
You Try It! Encoding and Sanitization in a Web Application - Answer Key10分钟
Encoding and Sanitization Cheat Sheet10分钟
You Try It! Implementing Authentication and Authorization in a Web Application - Answer Key10分钟
Authentication and Authorization Best Practices10分钟
You Try It! Secure Data Storage and Transmission in a Web Application - Answer Key10分钟
Encryption and Secure Transmission Reference Guide10分钟

6个作业总计170分钟

Practice Quiz: Principles of Secure Coding15分钟
Practice Quiz: Implementing Input Validation25分钟
Practice Quiz: Encoding and Sanitization Techniques30分钟
Practice Quiz: Implementing Secure Authentication and Authorization25分钟
Practice Quiz: Secure Data Storage and Transmission Techniques25分钟
Graded Quiz: Secure Coding Practices and Input Validation50分钟

4个非评分实验室总计240分钟

You Try It! Implementing Input Validation in a Web Application60分钟
You Try It! Encoding and Sanitization in a Web Application60分钟
You Try It! Implementing Authentication and Authorization in a Web Application60分钟
You Try It! Secure Data Storage and Transmission in a Web Application60分钟

4个插件总计60分钟

Guided Lab: Implementing Input Validation in a Web Application15分钟
Guided Lab: Encoding and Sanitization in a Web Application15分钟
Guided Lab: Implementing Authentication and Authorization in a Web Application15分钟
Guided Lab: Secure Data Storage and Transmission in a Web Application15分钟

In this module, you will discover how Microsoft Copilot can assist in detecting and mitigating security vulnerabilities in web applications. You’ll learn how to leverage Copilot’s AI-powered capabilities to identify security flaws in code, apply fixes, and reinforce secure coding best practices. Additionally, you’ll explore how Copilot can be integrated into a comprehensive security review process to enhance application security. By the end of this module, you’ll be equipped to use Microsoft Copilot as a valuable tool in securing web applications against potential threats.

涵盖的内容

10个视频10篇阅读材料11个作业4个非评分实验室

10个视频总计40分钟

Overview of Security Vulnerability Detection2分钟
Using Copilot to Detect Vulnerabilities5分钟
Understanding Copilot’s Recommendations3分钟
Applying Fixes With Copilot6分钟
Secure Coding Recommendations from Copilot3分钟
Overview of Comprehensive Security Reviews4分钟
Performing a Security Review With Copilot4分钟
Understanding the Limits of AI Security Recommendations2分钟
Comparing AI Recommendations With Manual Reviews4分钟
Conclusion: Using Microsoft Copilot for Identifying and Fixing Security Issues1分钟

10篇阅读材料总计90分钟

Activity: Detecting Vulnerabilities Using Microsoft Copilot - Answer Key10分钟
You Try It! Detecting Vulnerabilities Using Microsoft Copilot - Answer Key10分钟
Activity: Fixing Vulnerabilities Using Microsoft Copilot - Answer Key10分钟
You Try It! Fixing Vulnerabilities Using Microsoft Copilot - Answer Key10分钟
Activity: Implementing Secure Coding Practices Using Copilot - Answer Key10分钟
You Try It! Implementing Secure Coding Practices Using Copilot - Answer Key10分钟
Secure Coding Practices With Copilot10分钟
Activity: Conducting a Comprehensive Security Review Using Copilot - Answer Key5分钟
You Try It! Conducting a Comprehensive Security Review Using Copilot - Answer Key10分钟
Activity: Create a Security Evaluation Report - Answer Key5分钟

11个作业总计295分钟

Activity: Detecting Vulnerabilities Using Microsoft Copilot30分钟
Practice Quiz: Identifying Security Vulnerabilities With Microsoft Copilot20分钟
Activity: Fixing Vulnerabilities Using Microsoft Copilot30分钟
Practice Quiz: Fixing Security Issues Using Microsoft Copilot25分钟
Activity: Implementing Secure Coding Practices Using Copilot30分钟
Practice Quiz: Applying Secure Coding Practices Using Copilot15分钟
Activity: Conducting a Comprehensive Security Review Using Copilot30分钟
Practice Quiz: Comprehensive Security Review With Microsoft Copilot20分钟
Activity: Create a Security Evaluation Report30分钟
Practice Quiz: Evaluating AI-Driven Security Practices15分钟
Graded Quiz: Using Microsoft Copilot for Identifying and Fixing Security Issues50分钟

4个非评分实验室总计240分钟

You Try It! Detecting Vulnerabilities Using Microsoft Copilot60分钟
You Try It! Fixing Vulnerabilities Using Microsoft Copilot60分钟
You Try It! Implementing Secure Coding Practices Using Copilot60分钟
You Try It! Conducting a Comprehensive Security Review Using Copilot60分钟

涵盖的内容

7个视频5个作业1次同伴评审5个插件

7个视频总计32分钟

Instructions: Capstone Part 15分钟
Instructions: Capstone Part 25分钟
Instructions: Capstone Part 34分钟
Instructions: Capstone Part 46分钟
Instructions: Capstone Part 55分钟
Course Conclusion: Web Application Security1分钟
Program Conclusion: Microsoft Front-End Developer Professional Certificate3分钟

5个作业总计150分钟

Activity: Capstone Part 130分钟
Activity: Capstone Part 230分钟
Activity: Capstone Part 430分钟
Activity: Capstone Part 530分钟
Activity: Capstone Part 330分钟

1次同伴评审总计60分钟

Peer Review Submission60分钟

5个插件总计75分钟

Coach Dialogue15分钟
Preparing for Capstone Part 215分钟
Preparing for Capstone Part 315分钟
Preparing for Capstone Part 415分钟
Preparing for Capstone Part 515分钟

获得职业证书

将此证书添加到您的 LinkedIn 个人资料、简历或履历中。在社交媒体和绩效考核中分享。

位教师

Microsoft

239 门课程1,909,719 名学生

提供方

Microsoft

从 Mobile and Web Development 浏览更多内容

状态：免费试用
Codio
Software Security for Web Applications
课程
Packt
Hands-On Web App Pentesting
课程
状态：免费试用
University of California, Davis
Identifying Security Vulnerabilities
课程
Packt
Writing Secure Code in ASP.NET
课程

人们为什么选择 Coursera 来帮助自己实现职业发展

Felipe M.

自 2018开始学习的学生

''能够按照自己的速度和节奏学习课程是一次很棒的经历。只要符合自己的时间表和心情，我就可以学习。'

Jennifer J.

自 2020开始学习的学生

''我直接将从课程中学到的概念和技能应用到一个令人兴奋的新工作项目中。'

Larry W.

自 2021开始学习的学生

''如果我的大学不提供我需要的主题课程，Coursera 便是最好的去处之一。'

Chaitanya A.

''学习不仅仅是在工作中做的更好：它远不止于此。Coursera 让我无限制地学习。'

通过 Coursera Plus 开启新生涯

无限制访问 10,000+ 世界一流的课程、实践项目和就业就绪证书课程 - 所有这些都包含在您的订阅中

了解更多

通过在线学位推动您的职业生涯

获取世界一流大学的学位 - 100% 在线

探索学位

加入超过 3400 家选择 Coursera for Business 的全球公司

提升员工的技能，使其在数字经济中脱颖而出

了解更多

常见问题

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you enroll in the course, you get access to all of the courses in the Certificate, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.