While they're described with such obscure names as Cross-Site Scripting, SQL Injection, or directory traversal, mitigating the risks associated with web application vulnerabilities and the attack methods that exploit them needn't be beyond the reach of any organization. This article, the first in a three-part series, will provide an overview of what you need to know to perform a vulnerability assessment to check for web security risks. It'll show you what you can reasonably expect a web application security scanner to accomplish, and what types of assessments still require expert eyes. The following two articles will show you how to remedy the web security risks a vulnerability assessment will uncover (and there'll be plenty to do), and the final segment will explain how to instill the proper levels of awareness, policies, and technologies required to keep web application security flaws to a minimum - from an application's conception, design, and coding, to its life in production.
Web Application Vulnerability Assessment Essentials
- Learn How to Properly Execute a Web Application Vulnerability Assessment
- Just What Is a Web Application Vulnerability Assessment?
- Conducting Your Vulnerability Assessment: The First Steps
- The Vulnerability Assessment
Learn How to Properly Execute a Web Application Vulnerability Assessment
About the author
Caleb Sima
Caleb Sima is the former co-founder and CTO of SPI Dynamics, which was acquired by HP Software...