This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Cornucopia - Ecommerce Website - C 3

From OWASP
Revision as of 16:29, 21 January 2016 by Dariodf (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Cornucopia - Ecommerce Website C 3.png

Suit: Cornucopia

Card/Value: 3

Description:

Andrew can access source code, or decompile, or otherwise access business logic to understand how the application works and any secrets contained.

Technical Note:

Protect source code repositories and server-side source-code. Consider anti reverse-engineering techniques. Do not include or minimise logic/secrets within code accessible by users.

References:

OWASP SCP OWASP ASVS OWASP AppSensor CAPEC SAFECODE
134 - - 56 -
189
207
211



« Previous Card | Cornucopia | Next Card »