Feedback
Web security audits - Methodologies, tools and experience return
Article REF: H5135 V1
Feedback
Web security audits - Methodologies, tools and experience return

Author : Laurent BUTTI

Publication date: April 10, 2014 | Lire en français

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

4. Feedback

This chapter presents case studies of safety audits and their implementation in an operational context.

4.1 Problems encountered during audits

In terms of spot audits, we noted the following :

  • common XSS vulnerabilities, in particular DOM-Based XSS ;

  • SQL injection vulnerabilities are becoming less and less common;

  • very rare file/resource injection vulnerabilities ;

  • vulnerabilities involving inadequate protection of sensitive data (e.g. passwords), which are quite common ;

  • common misconfiguration vulnerabilities.

There are several possible reasons...

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?

Article included in this offer

"Security of information systems"

( 86 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details
Contact our team FAQ