Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in the manual
Do you really want to delete this prezi?
Neither you, nor the coeditors you shared it with will be able to recover it again.
Make your likes visible on Facebook?
Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.
OWASP Top Ten Defenses
Transcript of OWASP Top Ten Defenses
Core requirements for any project
Business logic requirements
Secure Architecture and Design
When to use request, session
or database for data flow.
Business specific features
Leverage secure coding frameworks and libraries
Turnkey Security Library
Identity and Authentication
Forgot Password Workflow
Multi Factor Auth
Limitations of Role Based Access Control
Mr Thin Line
Capabilities-based access control
Access Control and Intrusion Detection
Stored Procedures and
Building SQL and
White List Black List
Input Validation and Internationalization
My Name is...WHAT
Code and Data
Output encoding for XSS
Other encodings for LDAP, XML
construction and OS Command injection resistance
At rest with AES
In transit with SSL
Secure number generation
Logging, Error Handling and Intrusion Detection