Chapter 13

Analyzing Vulnerabilities and Recommending Risk Mitigations

This chapter covers the following topics:

  • Vulnerabilities: This section covers race conditions, buffer and integer overflows, broken authentication, unsecure references, poor exception handling, security misconfiguration, improper headers, information disclosure, certificate errors, weak cryptography implementations, weak ciphers, weak cipher suite implementations, software composition analysis, the use of vulnerable frameworks and software modules, the use of unsafe functions, third-party libraries and dependencies, code injections/malicious changes, managing end of support/end of life, and regression issues.

  • Inherently Vulnerable System/Application: This section describes ...

Get CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide now with the O’Reilly learning platform.
