Submitter
File Information
- Submitted: Jul 29 2010 12:23
- Last Updated: Jul 29 2010 12:23
- File Size: 1.53MB
- Views: 57
- Downloads: 0
- OS: Not Applicable
- Language: English
- Website: http://code.google.com/p/accorute/
Download AcCoRuTe OWASP Eu Summit 2008 Presentation
0
AcCoRuTe OWASP Eu Summit 2008 Presentation
I believe that web application business logic vulnerabilities will be under increasing attention in near future. Although input validation vulnerabilities (XSS, SQLI) are in overwhelming majority nowadays, many automated approaches have emerged that deal with them. On the contrary, there are no known approaches (and methodologies for security experts) to classify or even detect business logic vulnerabilities. Besides, business logic flaws usually expose web application to great risks (according to OWASP Testing Guide). The proposal is to make an attempt to create a systematic approach that addresses business logic vulnerabilities. To begin with, access control flaws are surveyed.
I believe that web application business logic vulnerabilities will be under increasing attention in near future. Although input validation vulnerabilities (XSS, SQLI) are in overwhelming majority nowadays, many automated approaches have emerged that deal with them. On the contrary, there are no known approaches (and methodologies for security experts) to classify or even detect business logic vulnerabilities. Besides, business logic flaws usually expose web application to great risks (according to OWASP Testing Guide). The proposal is to make an attempt to create a systematic approach that addresses business logic vulnerabilities. To begin with, access control flaws are surveyed.
- 18,950 Total Files
- 88 Total Categories
- 48 Total Authors
- 346,628 Total Downloads
- Packet Fence 3.0.3 Latest File
- Crow Latest Submitter
