Book description
Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.
Table of contents
- FOREWORD
- ABOUT THE AUTHORS
- CONTENTS
- INTRODUCTION
- CHAPTER 1: APPROACH TO SECURITY TESTING
- CHAPTER 2: BASIC TESTS AND TECHNIQUES
  - SQL injection
  - Cross-site scripting (XSS)
  - Cross-site request forgery (CSRF)
  - Directory brute forcing/Searching for defaults
  - Weak authorisations
  - Weak session management
  - Sensitive data in browser cache
  - Over-reliance on client-side validation
  - Unencrypted traffic
  - Unhardened database
  - Weak password policies
  - Poor error-handling mechanisms
- CHAPTER 3: THE TOOLS OF THE TRADE
- CHAPTER 4: SECURITY TESTING REPOSITORY
  - Generic threat profile and test plan
  - Core banking
  - Internet banking
  - Web trading
  - Derivatives trading
  - Credit card payment management applications
  - Debit card management system
  - Mutual funds management
  - Loan management application
  - Cheque management application
  - Overdraft calculator application
  - Adjustments and waivers application
  - Online remittance application
  - Account opening tracker
  - Back-office trading application
  - Electronic payment switch
  - Cash depositor
  - Teller automation machines
  - ATM reconciler application
  - Balance viewer terminals
  - Customer care centre application
  - Interactive voice response system
  - Fraud detection software
- CHAPTER 5: EMERGING TRENDS
- ITG RESOURCES
Product information
- Title: Security Testing Handbook for Banking Applications
- Author(s):
- Release date: February 2009
- Publisher(s): IT Governance Publishing
- ISBN: 9781849281089