Your SlideShare is downloading. ×
0
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)

1,745

Published on

Session handling, credit card transactions, and password recovery are just a few examples of Web-enabled business logic processes that malicious hackers have abused to compromise major websites. These …

Session handling, credit card transactions, and password recovery are just a few examples of Web-enabled business logic processes that malicious hackers have abused to compromise major websites. These types of vulnerabilities are routinely overlooked during QA because the process is intended to test what a piece of code is supposed to do and not what it can be made to do. The other problem(s) with business logic flaws is scanners can’t identify them, IDS can’t detect them, and Web application firewalls can’t defend them. Plus, the more sophisticated and Web 2.0 feature-rich a website, the more prone it is to have flaws in business logic.

Published in: Business, Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,745
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
67
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Seven Business Logic Flaws that put your Website at Risk Jeremiah Grossman WhiteHat Security founder CTO © 2008 WhiteHat Security, Inc. 1
  • 2. 2 Jeremiah Grossman • WhiteHat Security Founder CTO • Technology R and industry evangelist (recently named to named to InfoWorld's CTO 25 List) • Frequent international conference speaker • Co-founder of the Web Application Security Consortium • Co-author: Cross-Site Scripting Attacks • Former Yahoo! information security officer © 2008 WhiteHat Security, Inc. 2

×