In addition to our Introduction to Application Security and Cross-Site Scripting badges, we are officially announcing the addition of the Injection Attacks badge to the NYU Cyber Fellows Program. This is the newest available badge from Cybr being issued by NYU’s Tandon School of Engineering.
NYU Cybersecurity students can take our Injection Attacks course and obtain our co-branded course badge.
We’re happy to be one of the NYU Cybersecurity Industry Partners providing cybersecurity courses and materials to supplement NYU’s Cyber Fellows program and curriculum.
Industry Partner courses are offered to provide supplemental instruction, learning experiences, and hands-on training to benefit students in their program. Students demonstrate their commitment to becoming leaders in the field and satisfy their unquenchable thirst for knowledge by investing time outside of class to complete courses from industry partners. Once a course is complete, they receive a co-branded badge as evidence of course completion and the new knowledge and skills they built.
If you’d like more information about the NYU Tandon School of Engineering Cybersecurity program, please refer to our other announcement!
About the Injection Attacks Badge
Injections are one of the top threats facing web applications today according to both OWASP and CWE. They target the heart of applications: databases, which can result in some of the most costly breaches a company can face.
The course covers the biggest injection risks listed in the OWASP Top 10, starting with SQL injections. With SQL injections accounting for nearly two-thirds of all web application attacks from 2017 to 2019 (according to an Akamai report), web developers, product owners, and business leaders need to understand what injection attacks are, how they occur, and what impact these attacks can have on not just organizations, but also customers, partners, and consumers.
The course is designed to provide hands-on experience executing attacks against vulnerable applications, which is an important step in learning how to find vulnerabilities, and ultimately, how to fix and prevent those vulnerabilities. In addition, the course provides an explanation of other types of injection threats, examples of how these attacks work, the impact that successful attacks can have, and security best practices to prevent vulnerabilities.
Upon completion of the course, students will develop the:
- Knowledge of SQL injections, OS Command injections, LDAP injections, XML (XXE) and XPATH injections, and SMTP Header injections
- Ability to gather information about a target to look for potential injection vulnerabilities
- Ability to manually and automatically test applications for injection vulnerabilities
- Ability to look at code and identify potential injection vulnerabilities
- Knowledge of coding best practices to prevent all of the covered injection threats.
As a regular member of Cybr, anyone can complete this course to earn a Certificate of Completion. NYU Cybersecurity students will also earn a co-branded badge in addition to Cybr’s certificate of completion.
These badges and certificates can then proudly be displayed on LinkedIn and in resumes to validate newly acquired knowledge and skills!