Web 2.0 desktop and mobile application security design
From the developerWorks archives
Date archived: September 6, 2016 | First published: June 21, 2011
Most attempted attacks are directed at web applications. These attacks focus on the most common vulnerabilities, which include cross-site scripting, SQL injection, parameter tampering, cookie poisoning, and information leakage. Traditional perimeter defenses, such as firewalls and intrusion detection systems, will not prevent this kind of attack, because the attacks exploit program vulnerabilities. This article describes the most common vulnerabilities and possible countermeasures, and explains the value of automated security scanning in the development process for producing secure applications.
This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.