This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "Category:Control"

Jump to: navigation, search
(Examples of controls)
Line 5: Line 5:
==Examples of controls==
==Examples of controls==
*[[Authentication Control]]
*[[Authorization Control]]
*[[Session Management]]
*[[Session Management]]
*[[Input Validation]]
*[[Input Validation]]

Revision as of 18:24, 27 October 2008

This category is a parent category used to track categories of controls (or countermeasure, security mechanisms).

What is a control

Controls are defensive technologies or modules that are used to detect, deter, or deny attacks. Necessary controls in an application should be identified using Threat modeling to ensure that the application is protected against common types of attacks based on the threats it faces. A weakness or design flaw of a control, or the lack of a necessary controls results in a vulnerability that can make the application susceptible to attacks.

Examples of controls

How to add a new Control article

You can follow the instructions to make a new Control article. Please use the appropriate structure and follow the Tutorial. Be sure to paste the following at the end of your article to make it show up in the Control category: