Owasp: Software Or Data Integrity Failures
 

Modern applications are a collection of open-source libraries, third-party services, serialized data, and automated pipelines.
What you'll learn
Modern applications are a collection of open-source libraries, third-party services, serialized data, and automated pipelines.
Without integrity controls, any one of these components can be modified, replaced, or injected with malicious content, turning trusted software into an attack vector. Incidents like SolarWinds, Codecov, and the Equifax breach demonstrate the devastating consequences of integrity failures across code, data, and deployment processes.
In this course, OWASP: Software or Data Integrity Failures, you'll learn how to identify and defend against integrity-related vulnerabilities across the software lifecycle. First, you'll explore how integrity failures occur, examining insecure deserialization, unverified auto-updates, and build-chain compromises that allow attackers to inject malicious code into trusted systems.
Next, you'll discover how to implement integrity verification techniques, including checksums, digital signatures, code signing, and dependency management, to ensure only validated components enter your applications.