A document I found very useful entitled "A Guide to Building Secure Web
Applications" can be found here:
http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=62287
Oliver.
Tangorre, Michael wrote:
> What kind of defenses are people putting in to prevent cookie poisoning,
> session hijacking, parameter tampering, etc...?
> Does everyone keep this stuff in mind while coding? To be honest, my past
> code has been lax when it comes to making sure all the holes are "plugged",
> and even now, some automated testing tools we have are finding
> vulnerabilities!
>
>
> The checks I have been putting in place and the encrypting of parameters and
> such are definitely adding time to development, but at the same time, the
> quality of the application is much much better....
>
>
> what does everyone else do to prevent malicious users?
>
>
> Mike
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
