This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Cornucopia - Ecommerce Website - C 8
From OWASP
Revision as of 15:27, 21 January 2016 by Dariodf (talk | contribs) (Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#17365d;">Cornucopia - Ecommerce Website - C 8</span>}} File:Cornucopia_-_Ecommerce_Website_C_8.pn...")
Suit: Cornucopia
Card/Value: 8
Description:
David can bypass the application to gain access to data because the network and host infrastructure, and supporting services/applications, have not been securely configured, the configuration rechecked periodically and security patches applied, or the data is stored locally, or the data is not physically protected.
Technical Note:
NB: The key concept for this card is host/network hardening, configuration and patching. See C 10 instead for software hardening, configuration and patching.
References:
| OWASP SCP | OWASP ASVS | OWASP AppSensor | CAPEC | SAFECODE |
|---|---|---|---|---|
| 151 | - | RE1 | 37 | - |
| 152 | RE2 | 220 | ||
| 156 | 289 | |||
| 160 | 310 | |||
| 161 | 436 | |||
| 173 | ||||
| 174 | ||||
| 175 | ||||
| 176 | ||||
| 177 |
