49. SQL Injection
LDAP Injection
XML Injection
XSS Injection
Common Injection
Broken authentication
Session Management
Password Policies
Unvalidated Redirects and Forwards
Missing Function Level Access Control
CSRF
Sensitive Data Exposure
Insecure Direct Object References
Web application vulnerabilities
50. Security in software architecture
Security Logs
Brute Force
Security for External Systems
Two-Factor Authentication
Client Data Validation
Safe Cryptography
Protection of Data Integrity
TLS 1.2
Secure Error Handling
Organizational security policies