This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Resource Locking
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
Every Control should follow this template.
This is a control. To view all control, please see the Control Category page.
ASDR Table of Contents
Last revision (mm/dd/yy): 10/23/2008
Description
A control (countermeasure or security control) is a protection mechanism that prevents, deters, or detects attacks, or prevents or reduces vulnerabilities.
- Start with a one-sentence description of the control
- How does the countermeasure work?
- What are some examples of implementations of the control (steer clear of specific products)
Risk Factors
- Talk about the factors that this control affects
- What effect does this countermeasure have on the attack or vulnerability?
- Does this control reduce the technical or business impact?
Difficulty to Implement
- Discuss the typical difficulty of implementing this control, emphasizing the factors that make it easier or harder
- Steer clear of language/platform specific information here
Examples
Short example name
- A short example description, small picture, or sample code with links
Short example name
- A short example description, small picture, or sample code with links
Related Attacks
Related Vulnerabilities
Note: the contents of "Related Problems" sections should be placed here
Related Controls
Note: contents of "Avoidance and Mitigation" and "Countermeasure" related Sections should be placed here
References
In addition, one should classify control based on the following subcategories: Ex:[[Category:Error Handling Control]]
Availability Control
Authorization Control
Authentication Control
Concurrency Control
Configuration Control
Cryptographic Control
Encoding Control
Error Handling Control
Input Validation Control
Logging and Auditing Control
Session Management Control