Book description
Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.
Table of contents
- Foreword
- About the Authors
- Introduction
- Chapter 1: Approach to Security Testing
- Chapter 2: Basic Tests and Techniques
  - SQL injection
  - Cross-site scripting (XSS)
  - Cross-site request forgery (CSRF)
  - Directory brute forcing/Searching for defaults
  - Weak authorisations
  - Weak session management
  - Sensitive data in browser cache
  - Over-reliance on client-side validation
  - Unencrypted traffic
  - Unhardened database
  - Weak password policies
  - Poor error-handling mechanisms
- Chapter 3: The Tools of the Trade
- Chapter 4: Security Testing Repository
  - Generic threat profile and test plan
  - Core banking (1/2)
  - Core banking (2/2)
  - Internet banking (1/3)
  - Internet banking (2/3)
  - Internet banking (3/3)
  - Web trading
  - Derivatives trading
  - Credit card payment management applications
  - Debit card management system
  - Mutual funds management
  - Loan management application
  - Cheque management application
  - Overdraft calculator application
  - Adjustments and waivers application
  - Online remittance application
  - Account opening tracker
  - Back-office trading application
  - Electronic payment switch
  - Cash depositor
  - Teller automation machines
  - ATM reconciler application
  - Balance viewer terminals
  - Customer care centre application
  - Interactive voice response system
  - Fraud detection software
- Chapter 5: Emerging Trends
- ITG Resources
Product information
- Title: Security Testing Handbook for Banking Applications
- Author(s):
- Release date: February 2009
- Publisher(s): IT Governance Publishing
- ISBN: 9781905356829