From the course: Developing Secure Software (2015)
Broken authentication and session management countermeasures
- There are a number of well-established authentication and session management solutions available to you as a software developer in the form of software security frameworks. There is no need to write your own custom code from scratch. Software frameworks provide generic but necessary features, such as security, through an easy-to-use abstraction. That is, framework users can simply use the framework's interfaces to take advantage of its professional implementation of the needed feature. Frameworks also allow their users to easily extend their existing capabilities to better satisfy special requirements in a particular domain. When choosing security frameworks for your own project, keep in mind that they should meet a certain standard, such as OWASP's Application Security Verification Standard, or ASVS V2 and V3. ASVS V2 addresses authentication while V3 focuses on session management. Some additional criteria to use when searching for the best framework for your authentication…
Contents
- Setting the stage (34s)
- Buffer overflow attacks (1m 41s)
- Buffer overflow countermeasures (1m 44s)
- Broken authentication and session management (1m 7s)
- Broken authentication and session management countermeasures (2m 1s)
- Insecure direct object references (1m 24s)
- Insecure direct object references countermeasures (52s)
- Sensitive information exposure (1m 6s)
- Sensitive data exposure countermeasures (1m 37s)
- Other secure coding best practices (2m 22s)