Things I need to know about security

Lightning talk given at the August RORO. Trying to give a basic overview of 3 security threats to your web application.

Jonathan Yeong

August 09, 2016

Transcript

  1. SQL Injection

    - What: Uses SQL as an input which will influence a database and cause the application to perform an unintended action.
    - How: Sanitize your inputs!
    - Impact: Devastating
    - Exploitability: Easy

  2. Cross Site Scripting (XSS)

    - What: A XSS attack occurs when malicious code is saved by the application and is then redisplayed without interference from security mechanisms.
    - How: Sanitize your outputs!
    - Impact: Harmful
    - Exploitability: Easy

  3. Session Hijacking

    - What: Session hijacking refers to the scenario where an attacker is able to impersonate a legitimate user, either by stealing their session identifier, or forging session information. [1]
    - How: Use HTTPS - enforce SSL for pages you don’t want a hacker to access. Set your cookies to secure and httponly.
    - Impact: Harmful
    - Exploitability: Moderate
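
The cookie advice on the session hijacking slide (set cookies to secure and httponly) can be verified from an application's response headers. The Ruby sketch below is an added example, not code from the talk: it audits `Set-Cookie` header values and reports which cookies lack either flag. The function names and the sample headers are assumptions constructed for illustration.

```ruby
# Added example: audit Set-Cookie headers for the Secure and HttpOnly flags.
# SAMPLE_HEADERS is constructed sample data, not captured from a real app.

REQUIRED_FLAGS = %w[secure httponly].freeze

# Parse one Set-Cookie header value into its cookie name and attribute names.
def parse_set_cookie(header)
  parts = header.split(";").map(&:strip).reject(&:empty?)
  name = parts.first.to_s.split("=", 2).first.to_s
  # Attribute names are case-insensitive; values (e.g. Path=/) are dropped.
  attrs = parts.drop(1).map { |p| p.split("=", 2).first.strip.downcase }
  { name: name, attrs: attrs }
end

# Return { cookie_name => [missing flags] } for cookies lacking a required flag.
def audit_cookies(headers)
  headers.each_with_object({}) do |header, findings|
    cookie = parse_set_cookie(header)
    next if cookie[:name].empty?
    missing = REQUIRED_FLAGS - cookie[:attrs]
    findings[cookie[:name]] = missing unless missing.empty?
  end
end

SAMPLE_HEADERS = [
  "_app_session=abc123; path=/; HttpOnly",                       # no Secure
  "remember_token=xyz; Path=/; Secure; HttpOnly; SameSite=Lax",  # both set
  "theme=dark; Path=/",                                          # neither
  "csrf=1; secure",                                              # no HttpOnly
].freeze

if __FILE__ == $PROGRAM_NAME
  audit_cookies(SAMPLE_HEADERS).each do |name, missing|
    puts "#{name}: missing #{missing.join(', ')}"
  end
end
```

A cookie without `Secure` can be sent over plain HTTP, and one without `HttpOnly` is readable from page scripts, so either finding on a session cookie is worth fixing first.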