OutSystems Security Specialization - Study Help Deck
2. Mandatory: name, username and pass
Authentication vs. Authorization
Security Specialization | Study Help Deck
Fábio Godinho | OutSystems ©
14. CSP - Content Security Policy
15. CSP - Content Security Policy
16. CSP - Content Security Policy
26. Set multiple authentication providers
https://www.outsystems.com/blog/posts/multiple-authentication-providers/
27. SSL and Session Cookies
30. Admin of the Users app
40. SQL, HTML & Javascript Injection
42. Internal User vs. External User
43. Providers & Authentication flow
If Active Directory OR LDAP:
- The login screen is the same, BUT credentials are validated on the AD / LDAP server
- The user is automatically created in the OS DB on the 1st successful login, without storing any password data
- It first tries to authenticate the user locally, if the user exists in the OS DB and has a password defined!
If Integrated Windows Authentication:
- If the user is in the same domain as the Windows platform server, authentication is against Windows domain credentials through the browser and skips the default login screen
45. Authentication flow & User roles
48. Backoff for End Users
49. Backoff for IT Users
53. Cross Site Scripting - XSS
55. PII and Sensitive Information
62. Key Store plugin & Man In The Middle Attack