
Discover the OWASP Cheat Sheets for improving security in applications

OWASP has started building a library of cheat sheets, information that summarizes a lot of the knowledge around managing, reviewing, building and testing software and services.

No doubt you as a developer, or the development organization you work with, already know about OWASP, the top-10 list and coding guidelines. OWASP also provides the Cheat Sheet series: high-value information on specific topics, written by security professionals who have expertise in these topics.

Cheat Sheets for your QA and Requirements

The Web Application Security Testing Cheat Sheet, currently published as a draft, provides hints for QA on how to approach initial high-level security testing of a service. Among other things, it lists a number of injection attacks; there are of course more, but the list gives the tester a basis for setting up a test plan. The Authentication Cheat Sheet is great for helping a product manager or architect find requirements on how to log in to the service.

References

[1] https://www.owasp.org/index.php/OWASP_Cheat_Sheet_Series
[2] https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet
[3] https://www.owasp.org/index.php/Authentication_Cheat_Sheet

Rickard Schoultz
I work at Digital River World Payments as the Principal Architect, but all views are my own. I write about technologies related to payments, security, network infrastructure and information management.