Back to roadmap Dashboard

AdvancedExpert5 weeks

Security

Protect backend systems against common application, API, and infrastructure risks.

Topic 17 of 24

Prerequisites

Authentication & Authorization
API Development

Key Concepts & Skills

OWASP Top 10
SQL Injection
XSS
CSRF
Rate Limiting
Security Headers
Threat model APIs
Prevent injection
Use secure headers
Rate-limit abuse

Learning Outcomes

Understand the core principles of OWASP Top 10
Configure and deploy SQL Injection successfully
Troubleshoot common issues with XSS
Understand the core principles of CSRF
Configure and deploy Rate Limiting successfully
Troubleshoot common issues with Security Headers
Understand the core principles of Threat model APIs
Configure and deploy Prevent injection successfully
Troubleshoot common issues with Use secure headers
Understand the core principles of Rate-limit abuse

Resources

Official Docs

OWASP Top 10 OWASP API Security

Practice

PortSwigger Academy

Practice Exercises

Fix SQL injection in a sample endpoint.Add rate limits.Create a security checklist for releases.

Project Task

Harden an authentication API against common attacks.

Quiz

How do parameterized queries prevent SQL injection?Explain the answer with one real-world example.List one mistake a beginner might make here.

Notes