AppXsecurity Academy Learning Paths

Cross-site scripting (XSS)
  What is XSS?
  How does XSS work?
  Reflected XSS
  Stored XSS
  DOM-based XSS
  How to prevent XSS

SOQL Injection
  What is SOQL Injection?
  How does SOQL Injection work?
  How to prevent SOQL Injection

CRUD/FLS
  What is CRUD/FLS?
  How to enforce CRUD/FLS

Sharing Violation
  What is Sharing Violation?
  How to prevent Sharing Violations

Cross-site request forgery (CSRF)
  What is CSRF?
  How to prevent CSRF

Open Redirect
  What is Open Redirect?
  How to prevent Open Redirect

Insecure Secrets Management
  What is Insecure Secrets Management?
  How to securely manage secrets

MCP Remote Server Security Misconfigurations
  What are MCP remote endpoint risks?
  How to test MCP remote endpoints

Insecure Use of High Privilege Methods
  What are high privilege method risks?
  How to secure privileged operations

Insecure PII Storage
  What is Insecure PII Storage?
  How to securely store PII

Insecure Loading of Static Resources
  What is Insecure Loading of Static Resources?
  How to securely load static resources

Unauthorised Use of SessionID
  What is Unauthorised Use of SessionID?
  How to prevent Unauthorised SessionID use

JS in Salesforce DOM
  What is JS in Salesforce DOM?
  How to prevent JS DOM vulnerabilities

All Topics

Getting started with the AppXsecurity Academy