Differences
This shows you the differences between two versions of the page.
public:secureprogramming [2014-09-11 11:30] – petrs | public:secureprogramming [2014-09-11 11:38] – petrs | ||
---|---|---|---|
Line 86: | Line 86: | ||
* Use format of https:// | * Use format of https:// | ||
* High-level metrics: platform... | * High-level metrics: platform... | ||
- | * 1st iteration | + | * Iterative process, highlight to students |
* Platform supported | * Platform supported | ||
* Properties from Andrii | * Properties from Andrii | ||
* IDE integration vs. standalone / server-based tool | * IDE integration vs. standalone / server-based tool | ||
* Miro - Coverity experience | * Miro - Coverity experience | ||
- | * | + | * 3 bc works |
+ | * Metrics (owasp top 10) | ||
+ | |||
+ | A1 Injection | ||
+ | A2 Broken Authentication and Session Management | ||
+ | A3 Cross-Site Scripting (XSS) | ||
+ | A4 Insecure Direct Object References | ||
+ | A5 Security Misconfiguration | ||
+ | A6 Sensitive Data Exposure | ||
+ | A7 Missing Function Level Access Control | ||
+ | A8 Cross-Site Request Forgery (CSRF) | ||
+ | A9 Using Components with Known Vulnerabilities | ||
+ | A10 Unvalidated Redirects and Forwards | ||
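Review bot: The ten entries A1 to A10 added after "Metrics (owasp top 10)" carry no `*` list marker and follow an empty added line, unlike every other item in this block, so they are likely to render as loose text rather than as sub-items of the Metrics bullet. Make them list items nested under that bullet. The bullet should also name the edition of the OWASP Top 10 the categories are taken from, because the list changes between editions and the tool comparison built on these metrics needs a fixed reference. Separately, the replacement line "3 bc works" uses an abbreviation that is not explained anywhere in the visible lines; spell it out so the note can be read without context.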