book

Industrial Internet Application Development

by Alena Traukina, Jayant Thomas, Prashant Tyagi, Veera Kishore Reddipalli

September 2018

Intermediate to advanced

412 pages

11h 12m

English

Packt Publishing

Read now

Unlock full access

Content preview from Industrial Internet Application Development

Phase 2 – technical security assessments

The goal of phase 2 is to run many different security tools to perform static and dynamic code analyses to identify vulnerabilities in the IIoT application code. Before we dive into the tools, let's look at a recap of the top vulnerabilities, as defined by OWASP, given here for reference:

Injection issues: These happen when additional query parameters are added as part of the API query by an attacker. Issues such as SQL injections and LDAP injections fall into this category.
Cross-site scripting (XSS): XSS occurs whenever an attacker takes over the end user's browser and enables the attacker to execute scripts in the user's browser, which can hijack user sessions, among other things.
Broken authentication ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Hands-On Industrial Internet of Things

Giacomo Veneri, Antonio Capasso

Professional Embedded ARM Development

James A. Langbridge

What Employees Want Most in Uncertain Times

Kristine W. Powers, Jessica B.B. Diaz

How I Built a Personal Board of Directors With GenAI

Vipin Gupta

Publisher Resources

ISBN: 9781788298599Supplemental Content