Cornucopia - Ecommerce Website - C 8
David can bypass the application to gain access to data because the network and host infrastructure, and supporting services/applications, have not been securely configured, the configuration rechecked periodically and security patches applied, or the data is stored locally, or the data is not physically protected.
NB: The key concept for this card is host/network hardening, configuration and patching. See C 10 instead for software hardening, configuration and patching.
|OWASP SCP||OWASP ASVS||OWASP AppSensor||CAPEC||SAFECODE|