Veracode, an important InfoSec company (more specialized on Web Application Security) has recently released a couple of guides that try to help understand some serious security issues that affect most of the Web Applicatons. They called this series of guides the “Free Security Threat Guides”.
These five security vulnerability guides are packed with information in a easy to understand format, and are useful for audiences ranging from IT executives to consumer-level cell phone users.
The objectives of each of the guides can be resumed in the following:
- Educates readers on threats like cross-site request forgery, SQL injections, mobile code security issues
- Gives easy-to-follow steps, guidelines and helpful “cheat sheets” for preventing attacks
- Provides further free resources to learn more about security risk management
Direct access to each of the guides can be obtained on the following links:
- SQL Injection: http://www.veracode.com/security/sql-injection
- Cross Site Scripting: http://www.veracode.com/security/xss
- Cross Site Request Forgery: http://www.veracode.com/security/csrf
- LDAP Injection: http://www.veracode.com/security/ldap-injection
- Mobile Code Security: http://www.veracode.com/security/mobile-code-security