This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP Java Project"

From OWASP
Jump to: navigation, search
m (Redirected page to Category:Java)
 
(146 intermediate revisions by 19 users not shown)
Line 1: Line 1:
While Java and J2EE contain many security technologies, it is not easy to produce an application without security vulnerabilities. Most application security [[:Category:Vulnerability|Vulnerabilities]] apply to Java applications just like other environments. The notable exception is [[Buffer overflow|buffer overflow]] and related issues that do not apply to Java applications.
+
#REDIRECT [[:Category:Java]]
 
 
==Securing the Java Environment==
 
Verifier and Sandbox
 
JRE vs. JDK (precompile JSPs)
 
 
 
 
 
==Securing Java Application Code==
 
Common vulnerabilities like...Runtime.exec, Statement, readline()
 
Dangers of native code, dynamic code, and reflection
 
Tools like PMD and FindBugs
 
Security mechanisms like logging, encryption, error handling
 
 
 
==Securing the J2EE Environment==
 
Minimize attack surface in web.xml
 
Configure error handlers
 
 
 
==Securing J2EE Application Code==
 
Vulnerabilities like...
 
Using J2EE filters for protection
 
Mechanisms like input validation, encoding
 
Common vulnerabilities like...
 
 
 
[[Category:Languages]]
 
 
 
{{Template:Stub}}
 

Latest revision as of 10:27, 21 January 2016

Redirect to:

Media in category "OWASP Java Project"

This category contains only the following file.