To identify vulnerabilities and risks: active analysis of the application for any weaknesses, technical flaws, or vulnerabilities.
2012-08-19 12:26
1) Known vulnerabilities in COTS applications
2) Technical vulnerabilities:
URL manipulation,
SQL injection,
cross-site scripting,
back-end authentication,
password in memory,
session hijacking,
buffer overflow,
web server configuration,
credential management,
clickjacking, etc.
3) Business logic errors:
day-to-day threat analysis,
unauthorized logins,
personal information modification,
pricelist modification,
unauthorized funds transfer,
breach of customer trust, etc.