Chapter 3. Operational Review

“Civilization advances by extending the number of important operations which we can perform without thinking.”

Alfred North Whitehead

Introduction

Operational vulnerabilities are the result of issues in an application’s configuration or deployment environment. These vulnerabilities can be a direct result of configuration options an application offers, such as default settings that aren’t secure, or they might be the consequence of choosing less secure modes of operation. Sometimes these vulnerabilities are caused by a failure to use platform security measures properly, such as file system and shared object permissions. Finally, an operational vulnerability could be outside the developer’s direct control. This problem ...

Get The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.