Book description
Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.
Table of contents
- Foreword
- About the Authors
- Introduction
- Chapter 1: Approach to Security Testing
- Chapter 2: Basic Tests and Techniques
  - SQL injection
  - Cross-site scripting (XSS)
  - Cross-site request forgery (CSRF)
  - Directory brute forcing/Searching for defaults
  - Weak authorisations
  - Weak session management
  - Sensitive data in browser cache
  - Over-reliance on client-side validation
  - Unencrypted traffic
  - Unhardened database
  - Weak password policies
  - Poor error-handling mechanisms
- Chapter 3: The Tools of the Trade
- Chapter 4: Security Testing Repository
  - Generic threat profile and test plan
  - Core banking (1/2)
  - Core banking (2/2)
  - Internet banking (1/3)
  - Internet banking (2/3)
  - Internet banking (3/3)
  - Web trading
  - Derivatives trading
  - Credit card payment management applications
  - Debit card management system
  - Mutual funds management
  - Loan management application
  - Cheque management application
  - Overdraft calculator application
  - Adjustments and waivers application
  - Online remittance application
  - Account opening tracker
  - Back-office trading application
  - Electronic payment switch
  - Cash depositor
  - Teller automation machines
  - ATM reconciler application
  - Balance viewer terminals
  - Customer care centre application
  - Interactive voice response system
  - Fraud detection software
- Chapter 5: Emerging Trends
- ITG Resources
Product information
- Title: Security Testing Handbook for Banking Applications
- Author(s):
- Release date: February 2009
- Publisher(s): IT Governance Publishing
- ISBN: 9781905356829