CHAPTER 8Auditing Web Servers and Web Applications

The explosive growth in the Internet has also driven an explosive growth in development tools, programming languages, web browsers, databases, and different client-server models. The unfortunate result is that complex models often require additional controls to secure the model. This chapter covers the absolute bare minimum set of controls that should be reviewed. This chapter covers the following:

• How to audit a web server

• How to audit a web application

Background

Few technology inventions have changed our lives as much—or as quickly—as web applications. The web interface has grown from static pages to an incredibly interactive blend of capabilities driven by an army of creative programmers. ...

Get IT Auditing Using Controls to Protect Information Assets, 2nd Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.