CHAPTER 9

Auditing Web Servers and Web Applications

Web servers and web-based applications have provided interfaces for people and systems to access and manipulate information for over 30 years. As the Internet has evolved, web services have become more and more complex, supporting rich, interactive experiences, mobile applications, and more. While application models can vary, some basic principles of web service controls can apply to a wide range of systems. This chapter covers the following:

•   How to audit a web server

•   How to audit a web application

Background

The concept known as the World Wide Web began in the late 1980s with Tim Berners-Lee and Robert Cailliau as a way to improve references in text documentation. Berners-Lee, at ...

Get IT Auditing Using Controls to Protect Information Assets, Third Edition, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.