Seven Business Logic Flaws
that put your Website at Risk

Jeremiah Grossman
WhiteHat Security founder & CTO




                                  © 2008 WhiteHat Security, Inc.



Jeremiah Grossman
• WhiteHat Security Founder & CTO
• Technology R&D and industry evangelist
  (recently named to InfoWorld's CTO 25 List)
• Frequent international conference speaker
• Co-founder of the Web Application Security Consortium
• Co-author: Cross-Site Scripting Attacks
• Former Yahoo! information security officer




Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)
