Book description
Security Testing Handbook for Banking Applications is a specialised guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications.
Table of contents
- Foreword
- About the Authors
- Introduction
- Chapter 1: Approach to Security Testing
- Chapter 2: Basic Tests and Techniques
  - SQL injection
  - Cross-site scripting (XSS)
  - Cross-site request forgery (CSRF)
  - Directory brute forcing/Searching for defaults
  - Weak authorisations
  - Weak session management
  - Sensitive data in browser cache
  - Over-reliance on client-side validation
  - Unencrypted traffic
  - Unhardened database
  - Weak password policies
  - Poor error-handling mechanisms
- Chapter 3: The Tools of the Trade
- Chapter 4: Security Testing Repository
  - Generic threat profile and test plan
  - Core banking (1/2)
  - Core banking (2/2)
  - Internet banking (1/3)
  - Internet banking (2/3)
  - Internet banking (3/3)
  - Web trading
  - Derivatives trading
  - Credit card payment management applications
  - Debit card management system
  - Mutual funds management
  - Loan management application
  - Cheque management application
  - Overdraft calculator application
  - Adjustments and waivers application
  - Online remittance application
  - Account opening tracker
  - Back-office trading application
  - Electronic payment switch
  - Cash depositor
  - Teller automation machines
  - ATM reconciler application
  - Balance viewer terminals
  - Customer care centre application
  - Interactive voice response system
  - Fraud detection software
- Chapter 5: Emerging Trends
- ITG Resources
Product information
- Title: Security Testing Handbook for Banking Applications
- Author(s):
- Release date: February 2009
- Publisher(s): IT Governance Publishing
- ISBN: 9781905356829