Chapter 12

Application Security

In this chapter, we consider the various ways in which we might secure our applications. We go over the vulnerabilities common to the software development process, including buffer overflows, race conditions, input validation attacks, authentication attacks, authorization attacks, and cryptographic attacks, and how we might mitigate these by following secure coding guidelines. We talk about Web security, the areas of concern on both the client and server sides of the technology. We introduce database security and cover protocol issues, unauthenticated access, arbitrary code execution, and privilege escalation and the measures we might take to mitigate them. Lastly, we examine security tools from an application perspective, ...

Get The Basics of Information Security, 2nd Edition now with the O’Reilly learning platform.
