This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Cornucopia - Ecommerce Website - CR 8
From OWASP
Revision as of 15:14, 21 January 2016 by Dariodf (talk | contribs) (Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#a395ca;">Cornucopia - Ecommerce Website - CR 8</span>}} File:Cornucopia_-_Ecommerce_Website_CR_8....")
Suit: Cryptography
Card/Value: 8
Description:
Eoin can access stored business data (e.g. passwords, session identifiers, PII, cardholder data) because it is not securely encrypted or securely hashed.
Technical Note:
NB: The key concept for this card is protection of stored data.
References:
OWASP SCP | OWASP ASVS | OWASP AppSensor | CAPEC | SAFECODE |
---|---|---|---|---|
30 | 2.13 | - | 31 | 21 |
31 | 7.7 | 37 | 29 | |
70 | 7.8 | 55 | 31 | |
133 | 8.10 | |||
135 | 9.2 |