Volume 2: Inside Software: How Real Systems Are Built9/10
Chapter 09 of 10
Applied Security 181-190
10 lessons54 min readingParts 181-190
- 01Least PrivilegeHow much access should a user, application, or service receive?5 min read5 min read
- 02Defense in DepthWhy use several security controls around the same valuable system?6 min read6 min read
- 03Zero TrustWhat does never trust, always verify mean in practical architecture?6 min read6 min read
- 04Secure Software DevelopmentWhere should security fit in the software lifecycle?6 min read6 min read
- 05Input ValidationWhy must software distrust data even from its own interface?5 min read5 min read
- 06SQL InjectionHow can user input accidentally become part of a database command?5 min read5 min read
- 07Cross-Site ScriptingHow can untrusted content become code in another user's browser?5 min read5 min read
- 08Cross-Site Request ForgeryHow can a malicious page cause a browser to send an unwanted authenticated request?5 min read5 min read
- 09Security Logging and Audit TrailsWhich records help detect and investigate sensitive activity?5 min read5 min read
- 10Vulnerability ManagementHow do organizations handle an endless stream of discovered weaknesses?6 min read6 min read