資安 - 工程師視角

TonyQ

資訊安全

細心與掌握的考驗

本日重點

列表

  • Injection
  • Session managment/Broken auth
  • Sensitive data exposure
  • Broken access control
  • Security misconfiguration
  • Cross site scripting
  • Insecure deserialization
  • Using component with known volnerabilities
  • Insufficient logging & monitoring

Injection

Session managment/Broken auth

Sensitive data exposure

Broken access control

Security misconfiguration

Cross site scripting

Insecure deserialization

Using component with known volnerabilities

Insufficient logging & monitoring

Q&A