Skip to content

DevOps Learning and Research

3.0 - Insecure Design

NathStevo97/devops-learnings

DevOps Learning and Research

NathStevo97/devops-learnings

DevOps Learning and Research
About
Tags
Certifications
Certifications
- CKA
  CKA
  - 1.0 - Introduction
  - 2.0 - Core Concepts
  - 3.0 - Scheduling
  - 4.0 - Logging and Monitoring
  - 5.0 - Application Lifecycle Management
  - 6.0 - Cluster Maintenance
  - 7.0 - Security
  - 8.0 - Storage
  - 9.0 - Networking
  - 10.0 - Design a Kubernetes Cluster
  - 11.0 - Install Kubernetes the Kubeadm Way
  - 13.0 - Troubleshooting Overview
  - 14.1 - Introduction to JSONPath
  - 15 Mock Exams
    
    15 Mock Exams
    
    KodeKloud Mock 3
    KodeKloud Mock 3
    
    15.2 - Mock Exam 3
    
    Kodekloud Mock 2
    Kodekloud Mock 2
    
    15.1 - Mock Exam 02
- CKAD
  CKAD
- CKS
  CKS
- Green software for practitioners
  Green software for practitioners
- Terraform associate
  Terraform associate
- Vault associate
  Vault associate
- Vmware application modernization
  Vmware application modernization
  - Vmware tanzu kubernetes grid
    Vmware tanzu kubernetes grid
    
    00 Introduction
    00 Introduction
    
    0.1 - Course Introduction
    
    01 VMware Tanzu Portfolio
    01 VMware Tanzu Portfolio
    
    1.1 - The VMWare Tanzu Portfolio
    
    1.2 - Tanzu Kubernetes Grid Concepts
    
    1.3 - The Tanzu CLI
    
    1.4 - Lab 1 - Setting Up a Bootstrap Machine
    
    1.5 - Cluster API
    
    1.6 - End of Module Assessment
    
    02 Management Clusters
    02 Management Clusters
    
    2.1 - Overview of Management Clusters and Preparing the vSphere
    
    2.2 - Lab 2
    
    2.3 - Lab 3
    
    2.4 - NSX Advanced Load Balancer
    
    2.5 - Cluster Authentication
    
    2.6 - Creating Management Clusters
    
    2.7 - Lab 4
    
    2.8 - Managing Management Clusters
    
    2.9 - End of Module Assessment
    
    03 Tanzu Kubernetes Clusters
    03 Tanzu Kubernetes Clusters
    
    3.1 - Building Custom Cluster Machine Images
    
    3.2 - Deploying Tanzu Kubernetes Cluster
    
    3.3 - Lab 5
    
    3.4 - Managing Tanzu Kubernetes Clusters
    
    3.5 - Lab 6
    
    3.6 - Lab 7
    
    3.7 - Managing Cluster Lifecycles
    
    3.8 - End of Module Assessment
    
    04 Tanzu Kubernetes Grid Extensions
    04 Tanzu Kubernetes Grid Extensions
    
    4.01 - Tanzu Kubernetes Grid Extensions
    
    4.02 - Lab 8
    
    4.03 - Lab 9
    
    4.04 - Image Registry
    
    4.05 - Logging
    
    4.06 - Lab 10
    
    4.07 - Ingress
    
    4.08 - Lab 11
    
    4.09 - Service Discovery
    
    4.10 - Lab 12
    
    4.11 - Cluster Monitoring
    
    4.12 - Lab 13
    
    4.13 - Lab 14
    
    4.14 - End of Module Assessment
    
    05 Troubleshooting
    05 Troubleshooting
    
    5.1 - Tanzu Kubernetes Grid Logs
    
    5.2 - Using Crash Diagnostics
    
    5.3 - Lab 15
    
    5.4 - Troubleshooting Commands
    
    5.5 - Lab 16
    
    5.6 - Lab 17
    
    5.7 - End of Module Assessment
Practices
Practices
- Cybersecurity
  Cybersecurity
  - Cybersecurity devops specialism
    Cybersecurity devops specialism
    
    01 OWASP
    01 OWASP
    
    1.0 - Learning the OWASP Top 10
    
    2.0 - The OWASP Top 10 - An Overview
    
    3.0 - The OWASP Top 10: Detailed
    
    02 devops foundations devsecops
    02 devops foundations devsecops
    
    1.0 - DevOps Basics
    
    2.0 - Getting Started with DevSecOps
    
    3.0 - Starting Your DevSecOps Journey
    
    03 application security in devsecops
    03 application security in devsecops
    
    1.0 - DevSecOps Basics
    
    2.0 - Continious Application Security
    
    3.0 - Putting it All Together
    
    04 securing software as a service
    04 securing software as a service
    
    1.0 - SaaS Threat Landscape
    
    2.0 - SaaS Security Controls Lifecycle
    
    3.0 - SaaS Security Tooling
    
    4.0 - Bonus Section
  - Cybersecurity foundations
    Cybersecurity foundations
    
    01 gdpr compliance essentials
    01 gdpr compliance essentials
    
    1.0 - Introduction
    
    2.0 - GDPR Basics
    
    3.0 - GDPR Responsibilities
    
    4.0 - Technical Components
    
    5.0 - Requirements
    
    6.0 - Data Subject Rights
    
    7.0 - Breach Notification
    
    02 the cybersecurity threat landscape
    02 the cybersecurity threat landscape
    
    1.0 - Malware and Ransomware
    
    2.0 - Phishing and Smishing
    
    3.0 - Business Email Compromise
    
    4.0 - Botnets and DDoS Attacks
    
    5.0 - Zero-Day Attacks
    
    6.0 - AI-Based Cyberattacks
    
    7.0 - Advanced Persistent Threats (APTs)
    
    8.0 - Insider Threats
    
    9.0 - Unmanaged IoT Devices
    
    10.0 - Shadow IT
    
    11.0 - Supply Chain Attacks and Third-Party Risks
    
    03 cybersecurity foundations application security
    03 cybersecurity foundations application security
    
    1.0 - Access Control
    
    2.0 - Tainted Input
    
    3.0 - Insecure Design 3.0 - Insecure Design
    On this page
    
    3.1 - Information Disclosure
    
    3.2 - Open Redirect
    
    3.3 - Business Logic Errors
    
    4.0 - Industry Trends
Tooling
Tooling
- Ansible
  Ansible
  - Ansible advanced
    Ansible advanced
    
    1.0 - Introduction
    
    2.0 - Web Application
    
    3.0 - File Separation
    
    4.0 - Roles
    
    5.0 - Asynchronous Actions
    
    6.0 - Strategy
    
    7.0 - Error Handling
    
    8.0 - Templating - Jinja2
    
    9.0 - Lookups
    
    10.0 - Vault
    
    11.0 - Dynamic Inventory
    
    12 Custom Modules
    12 Custom Modules
    
    12.0 - Custom Modules
    
    13 Plugins
    13 Plugins
    
    13.0 - Plugins
    
    14 Assignment
    14 Assignment
    
    14.0 - Assignment
  - Kodekloud: Ansible for Beginners
  - Automating ec2 deployment
    Automating ec2 deployment
    
    1.0 - About AWS EC2 and Ansible Automation
    
    2.0 - Planning and Preparing for Automation
    
    3.0 - Deploying into EC2
    
    4.0 - Generating an Inventory of EC2 Instances
    
    5.0 - Building Custom AMIs with Ansible
    
    6.0 - Cleaning up Resources
  - Ansible for beginners
    Ansible for beginners
    
    1.0 - Introduction
    
    2.0 - Configuration and Basic Concepts
    
    3.0 - Ansible Inventory
    
    4.0 - Ansible Variables
    
    5.0 - Ansible Playbooks
    
    6.0 - Ansible Modules
    
    7.0 - Ansible Handlers: Roles and Collections
    
    8.0 - Advanced Topics
    
    9.0 - Appendix
- Argocd
  Argocd
  - Getting Started with Argo CD
- Grafana loki
  Grafana loki
  - Using Centralized Logging
- Helm
  Helm
  - Kubernetes Package Administration with Helm
- Packer
  Packer
  - Getting Started with HashiCorp Packer

On this page

3.1 - Information Disclosure
3.2 - Open Redirect
3.3 - Business Logic Errors

DevOps Learning and Research
Practices
Cybersecurity
Cybersecurity foundations
03 cybersecurity foundations application security

3.0 - Insecure Design¶

3.1 - Information Disclosure¶

3.2 - Open Redirect¶

3.3 - Business Logic Errors¶

Copyright © 2026 Nathan Stephenson

Made with Zensical