SlideShare a Scribd company logo

Developing Secure Web Apps White Paper

Aung Khant
Aung Khant

Developing secure web applications is important to protect sensitive data and systems. The document provides guidelines for developing secure applications throughout the lifecycle from design to deployment. It advocates for a hierarchical view of security where each component is verified and policies are in place to monitor and adapt protections as needed. Application shields and policy recognition tools can help automate security and reduce risks.

TechnologyNews & Politics
1 of 20
Download to read offline
Developing Secure Web Applications White Paper Izhar Bar-Gad Amit Klein Sanctum Inc. June 2002 Sanctum, the Sanctum logo, AppShield, Policy Recognition and Adaptive Reduction are trademarks of Sanctum, Inc. Products mentioned herein are for identification purposes only and may be registered trademarks of their respective companies. Specification subject to change without notice. 2002 Sanctum, Inc. All rights reserved.
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper
Developing Secure Web Apps White Paper

Recommended

Brighttalk viewing-certificate-adopting-zero-trust-for-remote-access
Brighttalk viewing-certificate-adopting-zero-trust-for-remote-accessBrighttalk viewing-certificate-adopting-zero-trust-for-remote-access
Brighttalk viewing-certificate-adopting-zero-trust-for-remote-accessAlexander Knorr
 
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...Ranjan Jain
 
CIS13: Samsung’s Perspective on Mobile Identity
CIS13: Samsung’s Perspective on Mobile IdentityCIS13: Samsung’s Perspective on Mobile Identity
CIS13: Samsung’s Perspective on Mobile IdentityCloudIDSummit
 
Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...
Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...
Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...Alexander Knorr
 
Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013
Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013
Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013Ranjan Jain
 
Bit Defender Anti virus by Anupam
Bit Defender Anti virus by AnupamBit Defender Anti virus by Anupam
Bit Defender Anti virus by AnupamUnified Child Foundation
 
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...Lietuvos kompiuterininkų sąjunga
 
Ivanti for msp
Ivanti for mspIvanti for msp
Ivanti for mspIvanti
 

Recommended

Brighttalk viewing-certificate-adopting-zero-trust-for-remote-access
Brighttalk viewing-certificate-adopting-zero-trust-for-remote-accessBrighttalk viewing-certificate-adopting-zero-trust-for-remote-access
Brighttalk viewing-certificate-adopting-zero-trust-for-remote-accessAlexander Knorr
 
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...
Inbound Federation and Zero Sign On (ZSO) by Ranjan Jain at Ping Identity Wor...Ranjan Jain
 
CIS13: Samsung’s Perspective on Mobile Identity
CIS13: Samsung’s Perspective on Mobile IdentityCIS13: Samsung’s Perspective on Mobile Identity
CIS13: Samsung’s Perspective on Mobile IdentityCloudIDSummit
 
Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...
Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...
Brighttalk viewing-certificate-digging-into-the-2020-isc-2-cybersecurity-work...Alexander Knorr
 
Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013
Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013
Cloud Identity Connectors - Presentation by Ranjan Jain @ Cisco Live 2013Ranjan Jain
 
Bit Defender Anti virus by Anupam
Bit Defender Anti virus by AnupamBit Defender Anti virus by Anupam
Bit Defender Anti virus by AnupamUnified Child Foundation
 
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...
Luca, Marius Alexandru „BitDefender apsaugos sprendimai organizacijoms“ (Rumu...Lietuvos kompiuterininkų sąjunga
 
Ivanti for msp
Ivanti for mspIvanti for msp
Ivanti for mspIvanti
 
Ivanti Neurons - Lunch and Learn
Ivanti Neurons - Lunch and LearnIvanti Neurons - Lunch and Learn
Ivanti Neurons - Lunch and LearnIvanti
 
Android Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveAndroid Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveSatria Ady Pradana
 
Workspace Control 2020 now with Ivanti Neurons for Edge Intelligence
Workspace Control 2020 now with Ivanti Neurons for Edge IntelligenceWorkspace Control 2020 now with Ivanti Neurons for Edge Intelligence
Workspace Control 2020 now with Ivanti Neurons for Edge IntelligenceIvanti
 
Patch Tuesday August 2020
Patch Tuesday August 2020 Patch Tuesday August 2020
Patch Tuesday August 2020 Ivanti
 
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyDistributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyNetwork Intelligence India
 
What's New in Ivanti Workspace Control 2020.0
What's New in Ivanti Workspace Control 2020.0 What's New in Ivanti Workspace Control 2020.0
What's New in Ivanti Workspace Control 2020.0 Ivanti
 
Ivanti Insights Podcast - FireEye Breach
Ivanti Insights Podcast - FireEye BreachIvanti Insights Podcast - FireEye Breach
Ivanti Insights Podcast - FireEye BreachIvanti
 
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...Alexander Knorr
 
US Roadshow - Introduction to Bitdefender
US Roadshow - Introduction to BitdefenderUS Roadshow - Introduction to Bitdefender
US Roadshow - Introduction to BitdefenderBitdefender Enterprise
 
Dotnetsecurecodingpractices
DotnetsecurecodingpracticesDotnetsecurecodingpractices
DotnetsecurecodingpracticesAung Khant
 
Ecoblancosinlinea
EcoblancosinlineaEcoblancosinlinea
EcoblancosinlineaCristian Castro
 
Ancient Egypt
Ancient EgyptAncient Egypt
Ancient Egyptyapsmail
 
China2008(Lola Mora)
China2008(Lola Mora)China2008(Lola Mora)
China2008(Lola Mora)El Ojo Kanalla .
 
BA 15 Chapter 6
BA 15 Chapter 6BA 15 Chapter 6
BA 15 Chapter 6dpd
 
Cgc Label The World Gis
Cgc Label The World GisCgc Label The World Gis
Cgc Label The World GistprattHWDSB
 
Library Preservation Challenge - Gatenby
Library Preservation Challenge - GatenbyLibrary Preservation Challenge - Gatenby
Library Preservation Challenge - GatenbyKaren S Calhoun
 
Primero
PrimeroPrimero
PrimeroSuperire
 
Internet e interculturalidad en el aula
Internet e interculturalidad en el aulaInternet e interculturalidad en el aula
Internet e interculturalidad en el aulacentros tic
 
IBM AppScan Enterprise - The total software security solution
IBM AppScan Enterprise - The total software security solutionIBM AppScan Enterprise - The total software security solution
IBM AppScan Enterprise - The total software security solutionhearme limited company
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startupsKesava Reddy
 
b_siem_deployment.pdf
b_siem_deployment.pdfb_siem_deployment.pdf
b_siem_deployment.pdfMiguelAlva22
 
Smart Windows Markets, Exec Summary
Smart Windows Markets, Exec SummarySmart Windows Markets, Exec Summary
Smart Windows Markets, Exec Summaryn-tech Research
 

More Related Content

What's hot

Ivanti Neurons - Lunch and Learn
Ivanti Neurons - Lunch and LearnIvanti Neurons - Lunch and Learn
Ivanti Neurons - Lunch and LearnIvanti
 
Android Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveAndroid Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveSatria Ady Pradana
 
Workspace Control 2020 now with Ivanti Neurons for Edge Intelligence
Workspace Control 2020 now with Ivanti Neurons for Edge IntelligenceWorkspace Control 2020 now with Ivanti Neurons for Edge Intelligence
Workspace Control 2020 now with Ivanti Neurons for Edge IntelligenceIvanti
 
Patch Tuesday August 2020
Patch Tuesday August 2020 Patch Tuesday August 2020
Patch Tuesday August 2020 Ivanti
 
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyDistributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyNetwork Intelligence India
 
What's New in Ivanti Workspace Control 2020.0
What's New in Ivanti Workspace Control 2020.0 What's New in Ivanti Workspace Control 2020.0
What's New in Ivanti Workspace Control 2020.0 Ivanti
 
Ivanti Insights Podcast - FireEye Breach
Ivanti Insights Podcast - FireEye BreachIvanti Insights Podcast - FireEye Breach
Ivanti Insights Podcast - FireEye BreachIvanti
 
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...Alexander Knorr
 
US Roadshow - Introduction to Bitdefender
US Roadshow - Introduction to BitdefenderUS Roadshow - Introduction to Bitdefender
US Roadshow - Introduction to BitdefenderBitdefender Enterprise
 

What's hot (9)

Ivanti Neurons - Lunch and Learn
Ivanti Neurons - Lunch and LearnIvanti Neurons - Lunch and Learn
Ivanti Neurons - Lunch and Learn
 
Android Security : A Hacker's Perspective
Android Security : A Hacker's PerspectiveAndroid Security : A Hacker's Perspective
Android Security : A Hacker's Perspective
 
Workspace Control 2020 now with Ivanti Neurons for Edge Intelligence
Workspace Control 2020 now with Ivanti Neurons for Edge IntelligenceWorkspace Control 2020 now with Ivanti Neurons for Edge Intelligence
Workspace Control 2020 now with Ivanti Neurons for Edge Intelligence
 
Patch Tuesday August 2020
Patch Tuesday August 2020 Patch Tuesday August 2020
Patch Tuesday August 2020
 
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing MethodologyDistributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing Methodology
 
What's New in Ivanti Workspace Control 2020.0
What's New in Ivanti Workspace Control 2020.0 What's New in Ivanti Workspace Control 2020.0
What's New in Ivanti Workspace Control 2020.0
 
Ivanti Insights Podcast - FireEye Breach
Ivanti Insights Podcast - FireEye BreachIvanti Insights Podcast - FireEye Breach
Ivanti Insights Podcast - FireEye Breach
 
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...
Brighttalk viewing-certificate-cybersecurity-2020-threat-landscape-and-its-im...
 
US Roadshow - Introduction to Bitdefender
US Roadshow - Introduction to BitdefenderUS Roadshow - Introduction to Bitdefender
US Roadshow - Introduction to Bitdefender
 

Viewers also liked

Dotnetsecurecodingpractices
DotnetsecurecodingpracticesDotnetsecurecodingpractices
DotnetsecurecodingpracticesAung Khant
 
Ancient Egypt
Ancient EgyptAncient Egypt
Ancient Egyptyapsmail
 
BA 15 Chapter 6
BA 15 Chapter 6BA 15 Chapter 6
BA 15 Chapter 6dpd
 
Cgc Label The World Gis
Cgc Label The World GisCgc Label The World Gis
Cgc Label The World GistprattHWDSB
 
Library Preservation Challenge - Gatenby
Library Preservation Challenge - GatenbyLibrary Preservation Challenge - Gatenby
Library Preservation Challenge - GatenbyKaren S Calhoun
 
Internet e interculturalidad en el aula
Internet e interculturalidad en el aulaInternet e interculturalidad en el aula
Internet e interculturalidad en el aulacentros tic
 

Viewers also liked (9)

Dotnetsecurecodingpractices
DotnetsecurecodingpracticesDotnetsecurecodingpractices
Dotnetsecurecodingpractices
 
Ecoblancosinlinea
EcoblancosinlineaEcoblancosinlinea
Ecoblancosinlinea
 
Ancient Egypt
Ancient EgyptAncient Egypt
Ancient Egypt
 
China2008(Lola Mora)
China2008(Lola Mora)China2008(Lola Mora)
China2008(Lola Mora)
 
BA 15 Chapter 6
BA 15 Chapter 6BA 15 Chapter 6
BA 15 Chapter 6
 
Cgc Label The World Gis
Cgc Label The World GisCgc Label The World Gis
Cgc Label The World Gis
 
Library Preservation Challenge - Gatenby
Library Preservation Challenge - GatenbyLibrary Preservation Challenge - Gatenby
Library Preservation Challenge - Gatenby
 
Primero
PrimeroPrimero
Primero
 
Internet e interculturalidad en el aula
Internet e interculturalidad en el aulaInternet e interculturalidad en el aula
Internet e interculturalidad en el aula
 

Similar to Developing Secure Web Apps White Paper

IBM AppScan Enterprise - The total software security solution
IBM AppScan Enterprise - The total software security solutionIBM AppScan Enterprise - The total software security solution
IBM AppScan Enterprise - The total software security solutionhearme limited company
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startupsKesava Reddy
 
b_siem_deployment.pdf
b_siem_deployment.pdfb_siem_deployment.pdf
b_siem_deployment.pdfMiguelAlva22
 
Smart Windows Markets, Exec Summary
Smart Windows Markets, Exec SummarySmart Windows Markets, Exec Summary
Smart Windows Markets, Exec Summaryn-tech Research
 
Smart Windows Markets 2012
Smart Windows Markets 2012Smart Windows Markets 2012
Smart Windows Markets 2012n-tech Research
 
G D51739 Web Standard
G D51739 Web StandardG D51739 Web Standard
G D51739 Web Standardguest1d920d
 
IBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solutionIBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solutionhearme limited company
 
Mtil Corporate 15 07 11
Mtil Corporate 15 07 11Mtil Corporate 15 07 11
Mtil Corporate 15 07 11bhavikmeghani
 
Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527August Lin
 
Industrial IoT - build your industry 4.0 @techitaly
Industrial IoT - build your industry 4.0 @techitalyIndustrial IoT - build your industry 4.0 @techitaly
Industrial IoT - build your industry 4.0 @techitalyGiacomo Veneri
 
SPI Dynamics web application security 101
SPI Dynamics web application security 101 SPI Dynamics web application security 101
SPI Dynamics web application security 101 Wade Malone
 
Anatomy Of Web App
Anatomy Of Web AppAnatomy Of Web App
Anatomy Of Web AppAung Khant
 
2020 KringleCon HolidayHack Report - Brazzell
2020 KringleCon HolidayHack Report - Brazzell2020 KringleCon HolidayHack Report - Brazzell
2020 KringleCon HolidayHack Report - BrazzellCurtis Brazzell
 
IBM AppScan - the total software security solution
IBM AppScan - the total software security solutionIBM AppScan - the total software security solution
IBM AppScan - the total software security solutionhearme limited company
 
Scan mate i1150 i1180 family brochure anz_lo
Scan mate i1150 i1180 family brochure anz_loScan mate i1150 i1180 family brochure anz_lo
Scan mate i1150 i1180 family brochure anz_loJusto Dantas
 
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.IRJET Journal
 
Avner Algom IGT Opening HP Seminar
Avner Algom IGT Opening HP SeminarAvner Algom IGT Opening HP Seminar
Avner Algom IGT Opening HP SeminarAvner Algom
 

Similar to Developing Secure Web Apps White Paper (20)

IBM AppScan Enterprise - The total software security solution
IBM AppScan Enterprise - The total software security solutionIBM AppScan Enterprise - The total software security solution
IBM AppScan Enterprise - The total software security solution
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startups
 
b_siem_deployment.pdf
b_siem_deployment.pdfb_siem_deployment.pdf
b_siem_deployment.pdf
 
Smart Windows Markets, Exec Summary
Smart Windows Markets, Exec SummarySmart Windows Markets, Exec Summary
Smart Windows Markets, Exec Summary
 
Smart Windows Markets 2012
Smart Windows Markets 2012Smart Windows Markets 2012
Smart Windows Markets 2012
 
ATSPL capabilities
ATSPL capabilitiesATSPL capabilities
ATSPL capabilities
 
G D51739 Web Standard
G D51739 Web StandardG D51739 Web Standard
G D51739 Web Standard
 
IBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solutionIBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solution
 
Mtil Corporate 15 07 11
Mtil Corporate 15 07 11Mtil Corporate 15 07 11
Mtil Corporate 15 07 11
 
Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527Global IoT Cloud Services Survey-Aug-20160527
Global IoT Cloud Services Survey-Aug-20160527
 
Industrial IoT - build your industry 4.0 @techitaly
Industrial IoT - build your industry 4.0 @techitalyIndustrial IoT - build your industry 4.0 @techitaly
Industrial IoT - build your industry 4.0 @techitaly
 
SPI Dynamics web application security 101
SPI Dynamics web application security 101 SPI Dynamics web application security 101
SPI Dynamics web application security 101
 
Anatomy Of Web App
Anatomy Of Web AppAnatomy Of Web App
Anatomy Of Web App
 
2020 KringleCon HolidayHack Report - Brazzell
2020 KringleCon HolidayHack Report - Brazzell2020 KringleCon HolidayHack Report - Brazzell
2020 KringleCon HolidayHack Report - Brazzell
 
IBM AppScan - the total software security solution
IBM AppScan - the total software security solutionIBM AppScan - the total software security solution
IBM AppScan - the total software security solution
 
Scan mate i1150 i1180 family brochure anz_lo
Scan mate i1150 i1180 family brochure anz_loScan mate i1150 i1180 family brochure anz_lo
Scan mate i1150 i1180 family brochure anz_lo
 
Web Synergy 20080911
Web Synergy 20080911Web Synergy 20080911
Web Synergy 20080911
 
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
OCR DETECTION AND BIOMETRIC AUTHENTICATED CREDIT CARD PAYMENT SYSTEM.
 
Avner Algom IGT Opening HP Seminar
Avner Algom IGT Opening HP SeminarAvner Algom IGT Opening HP Seminar
Avner Algom IGT Opening HP Seminar
 
Static analysis for go lang
Static analysis for go langStatic analysis for go lang
Static analysis for go lang
 

More from Aung Khant

Introducing Msd
Introducing MsdIntroducing Msd
Introducing MsdAung Khant
 
Securing Php App
Securing Php AppSecuring Php App
Securing Php AppAung Khant
 
Securing Web Server Ibm
Securing Web Server IbmSecuring Web Server Ibm
Securing Web Server IbmAung Khant
 
Security Design Patterns
Security Design PatternsSecurity Design Patterns
Security Design PatternsAung Khant
 
Security Code Review
Security Code ReviewSecurity Code Review
Security Code ReviewAung Khant
 
Security Engineering Executive
Security Engineering ExecutiveSecurity Engineering Executive
Security Engineering ExecutiveAung Khant
 
Security Engineeringwith Patterns
Security Engineeringwith PatternsSecurity Engineeringwith Patterns
Security Engineeringwith PatternsAung Khant
 
Security Web Servers
Security Web ServersSecurity Web Servers
Security Web ServersAung Khant
 
Security Testing Web App
Security Testing Web AppSecurity Testing Web App
Security Testing Web AppAung Khant
 
Session Fixation
Session FixationSession Fixation
Session FixationAung Khant
 
Sql Injection Paper
Sql Injection PaperSql Injection Paper
Sql Injection PaperAung Khant
 
Sql Injection Adv Owasp
Sql Injection Adv OwaspSql Injection Adv Owasp
Sql Injection Adv OwaspAung Khant
 
Php Security Iissues
Php Security IissuesPhp Security Iissues
Php Security IissuesAung Khant
 
Sql Injection White Paper
Sql Injection White PaperSql Injection White Paper
Sql Injection White PaperAung Khant
 
S Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementS Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementAung Khant
 
Php Security Value1
Php Security Value1Php Security Value1
Php Security Value1Aung Khant
 
Privilege Escalation
Privilege EscalationPrivilege Escalation
Privilege EscalationAung Khant
 
Php Security Workshop
Php Security WorkshopPhp Security Workshop
Php Security WorkshopAung Khant
 
Preventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApachePreventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApacheAung Khant
 

More from Aung Khant (20)

Introducing Msd
Introducing MsdIntroducing Msd
Introducing Msd
 
Securing Php App
Securing Php AppSecuring Php App
Securing Php App
 
Securing Web Server Ibm
Securing Web Server IbmSecuring Web Server Ibm
Securing Web Server Ibm
 
Security Design Patterns
Security Design PatternsSecurity Design Patterns
Security Design Patterns
 
Security Code Review
Security Code ReviewSecurity Code Review
Security Code Review
 
Security Engineering Executive
Security Engineering ExecutiveSecurity Engineering Executive
Security Engineering Executive
 
Security Engineeringwith Patterns
Security Engineeringwith PatternsSecurity Engineeringwith Patterns
Security Engineeringwith Patterns
 
Security Web Servers
Security Web ServersSecurity Web Servers
Security Web Servers
 
Security Testing Web App
Security Testing Web AppSecurity Testing Web App
Security Testing Web App
 
Session Fixation
Session FixationSession Fixation
Session Fixation
 
Sql Injection Paper
Sql Injection PaperSql Injection Paper
Sql Injection Paper
 
Sql Injection Adv Owasp
Sql Injection Adv OwaspSql Injection Adv Owasp
Sql Injection Adv Owasp
 
Php Security Iissues
Php Security IissuesPhp Security Iissues
Php Security Iissues
 
Sql Injection White Paper
Sql Injection White PaperSql Injection White Paper
Sql Injection White Paper
 
S Shah Web20
S Shah Web20S Shah Web20
S Shah Web20
 
S Vector4 Web App Sec Management
S Vector4 Web App Sec ManagementS Vector4 Web App Sec Management
S Vector4 Web App Sec Management
 
Php Security Value1
Php Security Value1Php Security Value1
Php Security Value1
 
Privilege Escalation
Privilege EscalationPrivilege Escalation
Privilege Escalation
 
Php Security Workshop
Php Security WorkshopPhp Security Workshop
Php Security Workshop
 
Preventing Xs Sin Perl Apache
Preventing Xs Sin Perl ApachePreventing Xs Sin Perl Apache
Preventing Xs Sin Perl Apache
 

Recently uploaded

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 

Developing Secure Web Apps White Paper

  • 1. Developing Secure Web Applications White Paper Izhar Bar-Gad Amit Klein Sanctum Inc. June 2002 Sanctum, the Sanctum logo, AppShield, Policy Recognition and Adaptive Reduction are trademarks of Sanctum, Inc. Products mentioned herein are for identification purposes only and may be registered trademarks of their respective companies. Specification subject to change without notice. 2002 Sanctum, Inc. All rights reserved.