Application Security
cissp -> Application Security

    Application Security Presentation Transcript

    • Application Security
    • toc • good and bad • bad things first • to be good • and more
    • good and bad • bad things first
    • bad app for • hobby • money (trend)
    • hobby • virus • worm
    • virus • script • stealth
    • money • tick • dos
    • side of good • repository • code
    • repository • database (+warehouse) • directory service • expert system
    • code • more than secure coding
    • to be good app • follow the protocol • based on infra
    • cmm • initial • repeatable • defined • managed • optimizing
    • and more
    • process • needs • logical design (using UML) • real design (using UML) • coding • test • implementation & maintenance • end is near
    • database • DDL, DML • dictionary • rollback, commit and checkpoint • ODBC
    • oo
    • attack! • [infra] nos • [infra] daemon • code
    • attack nos • icmp - flood, can’t handle (ping of death) • tcp/ip - same (flag, syn)
    • attack daemon • dns - cache poison (-> dnssec) • ssh1 - des (-> ssh2 with other crypto) • openssl (-> patch)
    • attack code • cross-site scripting (XSS) • SQL injection
    • fine