Web application security is a stack: how to CYA (Cover Your Apps) completely
This book is intended for application developers, system administrators and operators, as well as networking professionals who need a comprehensive top-level view of web application security in order to better defend and protect both the 'web' and the 'application' a...
Other Authors: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Cambridgeshire, England : IT Governance Publishing 2015. |
Edition: | 1st edition |
Series: | Fundamentals Series |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009630031406719 |

Table of Contents:
- ABOUT THE AUTHOR; ACKNOWLEDGEMENTS; CONTENTS; CHAPTER 1: INTRODUCTION; The modern threat; CYA: Cover Your Apps; CHAPTER 2: ATTACK SURFACE; The web application security stack; Application: Platform; Transport protocols; Secure transport protocols; Web application protocols; Application: Logic; Application: Data; CHAPTER 3: THREAT VECTORS; Threat vector: Data; Exfiltration; Corruption; Threat vector: Protocols; Cross-site scripting (XSS); Cross-site request forgery (CSRF); HTTP request smuggling; HTTP response splitting; HTTP header vulnerabilities
- Threat vector: Availability; HTTP GET flood; Slowloris; Slow HTTP POST; CHAPTER 4: THREAT MITIGATION; The three Cs of application security; Client; Context; Content; Inbound threat mitigation; Filtering; Behavioural analysis; Signatures and anomalies; Client-based assistance; Outbound threat mitigation; Data leak prevention; Expectation analysis; CHAPTER 5: CONCLUSION; ITG RESOURCES