Fixing Vulnerabilities

This project is part of the JSON Web Token (JWT) Authentication for APIs bundle.
prerequisites
intermediate Java • basics of Spring • basic debugging
skills learned
understanding the procurement API • adding the authentication layer with JSON web tokens • identifying and fixing vulnerabilities
Sashank Dara
1 week · 6-8 hours per week · BEGINNER
liveProjects give you the opportunity to learn new skills by completing real-world challenges in your local development environment. Solve practical problems, write working code, and analyze real data—with liveProject, you learn by doing. These self-paced projects also come with full liveBook access to select books for 90 days plus permanent access to other select Manning products.

In this liveProject, you will secure your REST API by identifying and fixing the basic vulnerabilities in JWT implementations in addition to tackling Cross-Site Scripting vulnerabilities, finding and fixing Cross-Site Request Forgery vulnerabilities, and exploiting and then securing Cross-Origin Resource Sharing misconfiguration.
This project is designed for learning purposes and is not a complete, production-ready application or solution.

project author

Sashank Dara
Sashank Dara, PhD, is a seasoned cybersecurity technologist and expert. He has over 17 years of extensive experience in cybersecurity R&D. He got his PhD in cybersecurity from IIIT-Bangalore in the area of applied cryptography and threat intelligence. He is co-inventor of five U.S. patents (and 3 IETF drafts) in the areas of cloud, SDN, and NFV security. He is a trusted information security consultant and adviser for top companies in EdTech, IT/ITes, academia, and real estate. Dara has published more than a dozen research papers at IEEE and LNCS conferences in the areas of cloud security, privacy, cryptography, and threat intelligence. He is a prolific speaker at security conferences and invited talks. He was a consultant advisor with Manipal Global Education Services for its cybersecurity programs. He was security technology and strategy advisor for security startups including Appknox, Haltdos, and SecurityJourney.com. Dara is currently the CTO and co-founder of Seconize, an award-winning cybersecurity startup pioneering a cyber risk and compliance management SaaS product suite.

prerequisites

This liveProject is for developers who know the basics of REST API development and want to add JWT authentication to their toolbox. To begin this liveProject, you will need to be familiar with:

TOOLS
  • Intermediate Java
  • Basics of Java Spring
  • Basics of SQL and JDBC
  • Basics of Linux and command line
  • Java IDEs such as Eclipse or IntelliJ IDEA
  • Testing APIs via Postman
TECHNIQUES
  • Basic debugging
  • Code reviews
  • Code refactoring
  • Unit testing

you will learn

In this liveProject, you’ll learn reliable techniques for securing any REST API with JWT.

  • Understanding the Procurement API specified in OpenAPI Specification 3.0 using Swagger
  • Setting up the environment to run the reference API implementation provided using Java
  • Identifying the implementation vulnerabilities
  • Fixing the Java code to remediate the vulnerabilities identified
  • Retesting the new code for functionality using Postman

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products is also included, as well as references to other resources.