Chapter 8. Software Vulnerability Security Controls
This chapter covers the following topics:
Application Security Design Considerations: This section covers concepts used to guide the process of architecting security into software products, including secure by design, secure by default, and secure by deployment.
Specific Application Issues: Topics covered include insecure direct object references, XSS, cross-site request forgery (CSRF), click-jacking, session management, input validation, SQL injection, improper error and exception handling, privilege escalation, and more.
Application Sandboxing: This section discusses the value and use of sandboxing.
Secure Encrypted Enclaves: This section covers security issues involved with encrypted information. ...
Get CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide, Second Edition now with the O’Reilly learning platform.