Programming notes

about java, spring, android, app performance and architecture

Tuesday, 28 February 2012

OWASP Top Ten Web-sites Security leaks

  • A1: Injection
  • A2: Cross-Site Scripting (XSS)
  • A3: Broken Authentication and Session Management
  • A4: Insecure Direct Object References
  • A5: Cross-Site Request Forgery (CSRF)
  • A6: Security Misconfiguration
  • A7: Insecure Cryptographic Storage
  • A8: Failure to Restrict URL Access
  • A9: Insufficient Transport Layer Protection
  • A10: Unvalidated Redirects and Forwards
Source:
Link
Posted by Sergey at 15:46
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Labels: security

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

Search This Blog

About Me

Sergey
View my complete profile
View Sergey Safonov's profile on LinkedIn

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

Labels

  • java (25)
  • libraries (19)
  • performance (17)
  • android (15)
  • spring (14)
  • other (13)
  • database (8)
  • javaee (7)
  • hibernate (6)
  • tomcat (6)
  • architecture (5)
  • javascript (4)
  • books (3)
  • api (2)
  • concurrency (2)

Blog Archive

  • ►  2022 (1)
    • ►  December (1)
  • ►  2020 (5)
    • ►  September (1)
    • ►  June (1)
    • ►  April (2)
    • ►  March (1)
  • ►  2019 (4)
    • ►  October (3)
    • ►  March (1)
  • ►  2018 (3)
    • ►  August (1)
    • ►  June (1)
    • ►  March (1)
  • ►  2017 (11)
    • ►  September (1)
    • ►  July (1)
    • ►  June (3)
    • ►  March (2)
    • ►  February (3)
    • ►  January (1)
  • ►  2016 (12)
    • ►  December (1)
    • ►  November (1)
    • ►  October (1)
    • ►  September (4)
    • ►  August (1)
    • ►  June (1)
    • ►  May (1)
    • ►  February (2)
  • ►  2015 (9)
    • ►  December (1)
    • ►  November (2)
    • ►  October (1)
    • ►  May (1)
    • ►  March (2)
    • ►  January (2)
  • ►  2014 (5)
    • ►  November (1)
    • ►  October (2)
    • ►  May (1)
    • ►  January (1)
  • ►  2013 (11)
    • ►  December (1)
    • ►  October (2)
    • ►  July (2)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  January (1)
  • ▼  2012 (14)
    • ►  December (1)
    • ►  November (2)
    • ►  September (1)
    • ►  August (2)
    • ►  July (2)
    • ►  June (2)
    • ►  April (1)
    • ►  March (1)
    • ▼  February (2)
      • OWASP Top Ten Web-sites Security leaks
      • C3P0 ConnectionPool: How To configure
  • ►  2011 (17)
    • ►  December (1)
    • ►  November (1)
    • ►  September (4)
    • ►  August (1)
    • ►  July (1)
    • ►  May (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (1)
    • ►  January (3)
  • ►  2010 (18)
    • ►  December (6)
    • ►  November (2)
    • ►  October (7)
    • ►  September (3)

Geography

30 days page views

Popular Posts

  • A different object with the same identifier value was already associated with the session
    Hibernate Error: org.hibernate.NonUniqueObjectException: a different object with the same identifier value was already associated with the ...
  • Horizontal scrollbars at top & bottom in Datatables
    In my data table I have a lot of data so horizontal scroll is required. I found library jQuery-doubleScroll but it doesn't work with D...
  • Generate settings-security.xml file for maven password encryption
      mvn --encrypt-master-password   does not create a file   security-settings.xml .  Use the command  mvn --encrypt-master-password  to gener...
  • Migrating a project from Java 11 to Java 17
    Java 17 is new LTS version and it make sense to migrate existing projects to the new version. I will describe my specific case
  • Disable jsp compilation on Tomcat
    For performance reasons it could be useful to disable jsp compilation (in runtime), and do pre-compilation. In tomcat you can disable it in...
  • Free Java hosting options and Heroku tomcat deployment
    I wanted to write some java app that would communicate with 3rd party API. The main problem there was that this API requires https connecti...
  • Java: Using SQLite
    SQLite - is embedded relational database management system.In other words you can use sql database without server.
  • Configuring VisualVM with tomcat + linux
    VisualVM is a tool that provides a visual interface for viewing detailed information about Java applications while they are running on a J...
  • Auto Generate Database(ER) Diagram MySql
    To create ER diagram from db schema you can use SchemaSpy.
  • Configuring Log4j with Java Web Applications + Tomcat
    Log4j -  is a Java-based logging utility. Next i will explain hot to configure it with Web App + tomcat.
Awesome Inc. theme. Powered by Blogger.