This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Cornucopia - Ecommerce Website - CR 6
From OWASP
Suit: Cryptography
Card/Value: 6
Description:
Romain can read and modify data in memory or in transit (e.g. cryptographic secrets, credentials, session identifiers, personal and commercially-sensitive data), in use or in communications within the application, or between the application and users, or between the application and external systems.
Technical Note:
NB: The key concept for this card is lack of encryption of data in transit and/or in memory.
References:
| OWASP SCP | OWASP ASVS | OWASP AppSensor | CAPEC | SAFECODE |
|---|---|---|---|---|
| 36 | 9.2 | - | 31 | 29 |
| 37 | 10.2 | 57 | ||
| 143 | 10.3 | 102 | ||
| 146 | 10.7 | 158 | ||
| 147 | 384 | |||
| 466 |
