This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Cornucopia - Ecommerce Website - C 3"
From OWASP
(Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#17365d;">Cornucopia - Ecommerce Website - C 3</span>}} File:Cornucopia_-_Ecommerce_Website_C_3.pn...") |
|||
Line 52: | Line 52: | ||
</tr> | </tr> | ||
</table> | </table> | ||
− | |||
− | |||
Latest revision as of 16:29, 21 January 2016
Suit: Cornucopia
Card/Value: 3
Description:
Andrew can access source code, or decompile, or otherwise access business logic to understand how the application works and any secrets contained.
Technical Note:
Protect source code repositories and server-side source-code. Consider anti reverse-engineering techniques. Do not include or minimise logic/secrets within code accessible by users.
References:
OWASP SCP | OWASP ASVS | OWASP AppSensor | CAPEC | SAFECODE |
---|---|---|---|---|
134 | - | - | 56 | - |
189 | ||||
207 | ||||
211 |