Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secure Software Development

Secure Software Development

Ulugbek Miniyarov

July 05, 2018
Tweet

More Decks by Ulugbek Miniyarov

Other Decks in Programming

Transcript

  1. OWASP Top 10 - 2017 The Ten Most Critical Web

    Application Security Risks Injection Flaw - SQL, NoSQL, OS and LDAP Broken Authentication - Incorrect OAuth, JWT or Session configuration Sensitive Data Exposure - Not properly protecting Credit Card, Identity Data XML External Entities - Poorly configured XML Processors Broken Access Control - Unauthorized access to authenticated users Security Misconfiguration - Insecure, incomplete default configurations Cross-Site Scripting - Not properly sanitized user provided data Insecure Deserialization - Leads to Remote Code Execution Using Components with Known Vulnerabilities - Not up-to-date components, libraries Insufficient Logging & Monitoring - Missing or ineffective integration