This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:WASS Security Frame"
From OWASP
Deleted user (talk | contribs) |
(Reverting to last version not containing links to www.texttracbodom.com) |
||
(2 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | |||
== Introduction Text == | == Introduction Text == | ||
Add suggested approach of how to audit against/use the requirements | Add suggested approach of how to audit against/use the requirements |
Latest revision as of 18:29, 27 May 2009
Introduction Text
Add suggested approach of how to audit against/use the requirements
Requirements
Architecture
Deployment and Configuration
Authentication
- Deploy mechanisms to enhance the security of authentication credentials used.
- Establish a new session identifier upon user authentication.
Authorization
Session and User Management
- Deploy mechanisms to securely perform tasks related to user management.
- Take measures to securely manage user identification.
- Take measures to securely manage cookies.
Auditing and Logging
Data Validation
Injections
Privacy
- Do not transmit sensitive information in GET requests.
- Disable caching of sensitive pages.
- Do not store sensitive information in Hidden fields.
Cryptography
File system
Canonicalization and Unicode
This category currently contains no pages or media.