This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
This category is a parent category used to track categories of controls (or countermeasure, security mechanisms).
What is a control
Controls are defensive technologies or modules that are used to detect, deter, or deny attacks. Necessary controls in an application should be identified using threat analysis to ensure that the application is protected against common types of attacks based on the threats it faces. A weakness or design flaw of a control, or the lack of a necessary controls results in a vulnerability that can make the application susceptible to attacks.
Examples of controls
- Session Management
- Input Validation
- Error Handling
How to add a new Control article
You can follow the instructions to make a new Control article. Please use the appropriate structure and follow the Tutorial. Be sure to paste the following at the end of your article to make it show up in the Control category:
This category has the following 11 subcategories, out of 11 total.
- ► Authentication Control (empty)
- ► Authorization Control (empty)
- ► Availability Control (empty)
- ► Concurrency Control (empty)
- ► Configuration Control (empty)
- ► Cryptographic Control (3 P)
- ► Encoding Control (1 P)
- ► Error Handling Control (empty)
- ► Input Validation Control (1 P)
- ► Logging and Auditing Control (1 P)
- ► Session Management Control (empty)
Pages in category "Control"
The following 33 pages are in this category, out of 33 total.