Web Application Security

Description

Notes on Web Application Security, created by Namita Tomar on 13/11/2018.

Resource Summary

Page 1

Injection

What is it? Untrusted user input is interpreted and executed by the server.
What is the impact? Data is modified and stolen.
How to prevent it?
- Reject invalid/untrusted input
- Use the latest frameworks
- Hire penetration testers

Page 2

Broken Authentication and Session Management

What is it? Incorrectly built authentication and session management that allows attackers to impersonate other users.
What is the impact? An attacker can take on the identity of the victim.
How to prevent it?
- Don't develop your own authentication scheme

Page 3

Cross-Site Scripting (XSS)

What is it? Untrusted user input is interpreted and executed by the browser.
What is the impact? Attackers can hijack user sessions, deface websites and change content.
How to prevent it?
- Escape untrusted data
- Use the latest UI framework

Page 4

Broken Access Control

What is it? Restrictions on what authenticated users are allowed to do are not properly enforced.
What is the impact? Attackers can access data, view sensitive files and modify data.
How to prevent it?
- Check access rights at the UI level and the server level for requests to resources
- Deny access by default
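The two prevention points above (check at both UI and server level, deny by default) are shown in the following added example, which is not part of the original notes. The roles, routes and function names are constructed for illustration.

```python
# Added example: roles, routes and names are assumptions made for illustration.
from dataclasses import dataclass

# Explicit allow-list of (role, method, resource) rules.
# Anything not listed here is denied, including unknown roles and new routes.
POLICY = {
    ("admin", "GET", "/reports"),
    ("admin", "DELETE", "/reports"),
    ("analyst", "GET", "/reports"),
}


@dataclass(frozen=True)
class User:
    name: str
    role: str


def ui_actions(user, resource):
    """UI-level check: which actions to render. A convenience, not a control."""
    return sorted(m for (r, m, res) in POLICY
                  if r == user.role and res == resource)


def is_allowed(user, method, resource):
    """Server-level check: deny unless an explicit rule matches."""
    if user is None:          # unauthenticated requests never match a rule
        return False
    return (user.role, method.upper(), resource) in POLICY


def handle_request(user, method, resource):
    """Every request goes through the server-side check, whatever the UI showed."""
    if not is_allowed(user, method, resource):
        return 403, "forbidden"
    return 200, f"{method.upper()} {resource} ok"


if __name__ == "__main__":
    analyst = User("sam", "analyst")          # constructed sample users
    admin = User("kim", "admin")
    print(ui_actions(analyst, "/reports"))    # the UI hides DELETE for analysts
    # The server still decides: a DELETE sent without the UI is rejected.
    print(handle_request(analyst, "DELETE", "/reports"))
    print(handle_request(admin, "DELETE", "/reports"))
    print(handle_request(admin, "GET", "/billing"))   # no rule, so denied
```

Because the server check is a lookup in an allow-list, a route added later without a matching rule fails closed instead of being reachable by everyone.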

Page 5

Security Misconfiguration

What is it? Human error in misconfiguring the system.
What is the impact? It depends on the misconfiguration. The worst misconfiguration can result in loss of data.
How to prevent it?
- Force a change of default credentials
- Apply least privilege to the system
- Use static code scanners that scan code for default settings
- Keep patching, updating and testing the system
- Regularly audit system deployment in production

Page 6

Sensitive Data Exposure

What is it? Sensitive data is exposed, e.g. social security numbers, passwords, health records.
What is the impact? Data that is lost, corrupted or exposed has serious implications for business continuity.
How to prevent it?
- Always obscure data
- Update the cryptographic algorithm
- Use salted encryption when storing passwords
