Core Defense Mechanisms - Security for a Site

Discussion topic on Security Testing.
nvnhan282
Hoc Tester
Posts: 4
Joined: Fri 16 Jan, 2015 11:27 am

Core Defense Mechanisms - Security for a Site

Post by nvnhan282 »

Handling User Access
  • Authentication
  • Session management
  • Access control
Handling User Input
  • Varieties of Input
Approaches to Input Handling
  • “Reject Known Bad”
  • “Accept Known Good”
  • Sanitization
  • Safe Data Handling
  • Semantic Checks
  • Boundary Validation
  • Multistep Validation and Canonicalization
Handling Attackers
  • Handling errors
  • Maintaining audit logs
  • Alerting administrators
  • Reacting to attacks
Managing the Application
  • Weaknesses in the authentication mechanism
  • "do not implement effective access control of some of their administrative functions."


