Go4Expert


slk3 22Mar2013 16:03

The typical 10 security breaches
 
IBM AppScan is a good tool for detecting security breaches in web applications. Has anybody ever studied it? Typically AppScan can find 10 main attacks, including
  • XSS,
  • SQL (Code) Injection,
  • Malicious file execution,
  • Insecure direct object references,
  • CSRF,
  • Information leakage and improper error handling,
  • Broken authentication and Session management,
  • Insecure cryptographic storage,
  • Unsecured communication,
  • URL access restrictions fail
What are the corresponding solutions for them? Has anybody ever summarized them?

Syperus 7Apr2013 07:23

Re: The typical 10 security breaches
 
Where's buffer overflow? This is one of the top security risks due to poor programming techniques.


All times are GMT +5.5.