CHAPTER 4: THREAT MITIGATION
Mitigating threats across the web application stack requires consideration of the primary threat vectors through which web applications are attacked. This is made more difficult by the reality that not all attackers are human; attacks are often carried out by compromised devices that have fallen prey to malware. Careful consideration of all interaction with users is necessary, including attempting to distinguish between bots, spiders and human beings.
There are three logical points at which it makes sense to apply application security policies. Each provides the means to apply a different approach to mitigating potential attacks, based on the state of the exchange. Some mitigation techniques are best applied external ...
Get Web Application Security is a Stack: How to CYA (Cover Your Apps) Completely now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
