Abstract

Current and future Information Systems (IS) personnel and management need to understand SQL injection, cross-site scripting (XSS), and other web-originating information security vulnerabilities. These can have severe negative impacts, and minimizing these threats is an important consideration for application developers. There are many resources on the Internet and in books to help educate people about these and similar intrusions. The Open Web Application Security Project (OWASP) offers extensive information on this subject and is an excellent starting point for creating lectures, demonstrations, and student practice on the subject. Using OWASP resources and active software examples is an effective and efficient method to teach IS students about potential security breaches and their prevention.


Teaching Secure Programming to Information Systems Students via OWASP Techniques and Libraries
