Application Security Tips of the Week

Use Simple Error Messages
What to Do: Show simple error messages that don't contain too much information. Write detailed information to log files. Why: Error messages should be s...
Protect Session Cookies
Applies to: Applications written using Servlets or JSP. What to Do: Protect the confidentiality of session cookies. Why: Session cookies are used by an a...
Prevent Disclosure of SQL Errors
Applies to: PHP. What to Do: Do not show SQL error messages. Why: SQL error messages should not be displayed to prevent disclosing information about the d...
Do Not Cache Sensitive Data
Applies to: ASP.NET 4.0. What to Do: ASP.NET output caching is a great way to improve application performance; however, if your page contains data that i...
Use Parameterized APIs for Data Access
Applies to: Applications written using Servlets or JSP that interact with a database. What to Do: Use Prepared Statements to execute SQL statements. Do ...
Log Unusual Activity
What to Do: Log unusual activity. Why: Unusual activity may be an indication that an attack is in progress. How: Perform the following actions to impleme...
Enforce Strong Password Requirements
Applies to: PHP. What to Do: Enforce strong password requirements. Why: Requiring strong passwords prevents weak passwords from being used. Using strong ...
Use Positive Input Validation
What to Do: Validate all user input by using white-list/positive input validation. White-list input validation means allowing only input that is explic...
Prevent Information Disclosure in Error Messages
What to Do: Ensure that error messages only contain minimal details that are useful to the intended audience, and nobody else. The messages need to str...
Implement Authentication Controls to Fail Securely
What to Do: Make sure authentication controls fail securely. Why: Designing authentication to fail securely when abnormal conditions occur reduces the r...