Contents - Web Application Security, A Beginner's Guide [Book]

Skip to main content

Get full access to Web Application Security, A Beginner's Guide and 60K+ other titles, with free 10-day trial of O'Reilly.

There's also live online events, interactive content, certification prep materials, and more.

Start your free trial

Contents

ACKNOWLEDGMENTS

PART I Primer

1 Welcome to the Wide World of Web Application Security

Misplaced Priorities and the Need for a New Focus

Network Security versus Application Security: The Parable of the Wizard and the Magic Fruit Trees

Real-World Parallels

Thinking like a Defender

The OWASP Top Ten List

#2. Cross-Site Scripting (XSS)

#3. Broken Authentication and Session Management

#4. Insecure Direct Object References

#5. Cross-Site Request Forgery

#6. Security Misconfiguration

#7. Insecure Cryptographic Storage

#8. Failure to Restrict URL Access

#9. Insufficient Transport Layer Protection

#10. Unvalidated Redirects and Forwards

Wrapping Up the OWASP Top Ten

Secure Features, Not Just Security Features

Get Web Application Security, A Beginner's Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Cover of Software Architecture Patterns