User contributions
- 21 Jun 2013 09:10 (diff | hist) . . (0) . . SoftwareSecurity2013/Group 2/Reflection
- 20 Jun 2013 18:22 (diff | hist) . . (-16) . . SoftwareSecurity2013/Group 2/Verdict (→V9: Data Protection)
- 20 Jun 2013 10:41 (diff | hist) . . (0) . . SoftwareSecurity2013/Group 2/Log
- 20 Jun 2013 10:39 (diff | hist) . . (+39) . . SoftwareSecurity2013/Group 2/Log
- 20 Jun 2013 10:38 (diff | hist) . . (+65) . . SoftwareSecurity2013/Group 2/Log
- 20 Jun 2013 10:36 (diff | hist) . . (+283) . . SoftwareSecurity2013/Group 2/Log
- 20 Jun 2013 08:06 (diff | hist) . . (-80) . . SoftwareSecurity2013/Group 2/Code Scanning (→V9: Data Protection)
- 20 Jun 2013 08:06 (diff | hist) . . (+203) . . SoftwareSecurity2013/Group 2/Code Scanning (→V9: Data Protection)
- 20 Jun 2013 07:40 (diff | hist) . . (+30) . . SoftwareSecurity2013/Group 2/Code Scanning (→Results for verification requirements)
- 20 Jun 2013 07:37 (diff | hist) . . (-3) . . SoftwareSecurity2013/Group 2/Code Scanning (→Findings)
- 19 Jun 2013 18:21 (diff | hist) . . (+599) . . SoftwareSecurity2013/Group 2/Reflection (/* What could or should developers do to facilitate a security assessment? Do you think that experiencing security from the perspective of a reviewer rather than a developer has changed the way you would design or implement a web application yourself)
- 19 Jun 2013 18:10 (diff | hist) . . (-1) . . SoftwareSecurity2013/Group 2/Reflection (→Is splitting up the work as we did,with different groups looking at different security requirement, a sensible way to split the work? Or are there more practical ways?)
- 19 Jun 2013 18:09 (diff | hist) . . (+878) . . SoftwareSecurity2013/Group 2/Reflection (→Is splitting up the work as we did,with different groups looking at different security requirement, a sensible way to split the work? Or are there more practical ways?)
- 19 Jun 2013 16:49 (diff | hist) . . (+465) . . SoftwareSecurity2013/Group 2/Reflection (→Could the ASVS be clearer, more complete, or structured in a better way?)
- 19 Jun 2013 16:34 (diff | hist) . . (+544) . . SoftwareSecurity2013/Group 2/Reflection (→What difficulties did you encounter, either with the code or the ASVS? Can you think of ways to reduce or avoid these difficulties?)
- 19 Jun 2013 09:32 (diff | hist) . . (-929) . . SoftwareSecurity2013/Group 2/Code Scanning (→Fortify)
- 19 Jun 2013 09:19 (diff | hist) . . (-151) . . SoftwareSecurity2013/Group 2/Verdict (→V9.5 Verify that all cached or temporary copies of sensitive data stored on the server are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data.)
- 19 Jun 2013 09:15 (diff | hist) . . (-221) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.4 Verify that all cached or temporary copies of sensitive data sent to the client are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data (e.g., the proper no-cache and no-store Cache-C)
- 19 Jun 2013 09:13 (diff | hist) . . (-2,735) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.2 Verify that the list of sensitive data processed by this application is identified, and that there is an explicit policy for how access to this data must be controlled, and when this data must be encrypted (both at rest and in transit). Verif)
- 19 Jun 2013 09:06 (diff | hist) . . (-129) . . SoftwareSecurity2013/Group 2/Verdict (→V9.1 Verify that all forms containing sensitive information have disabled client side caching, including autocomplete features.)
- 19 Jun 2013 09:05 (diff | hist) . . (-674) . . SoftwareSecurity2013/Group 2/Verdict (→V9.1 Verify that all forms containing sensitive information have disabled client side caching, including autocomplete features.)
- 18 Jun 2013 12:13 (diff | hist) . . (+86) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.4 Verify that all cached or temporary copies of sensitive data sent to the client are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data (e.g., the proper no-cache and no-store Cache-C)
- 18 Jun 2013 10:12 (diff | hist) . . (+1) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.4 Verify that all cached or temporary copies of sensitive data sent to the client are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data (e.g., the proper no-cache and no-store Cache-C)
- 18 Jun 2013 10:12 (diff | hist) . . (+1) . . SoftwareSecurity2013/Group 2/Verdict (→V9.1 Verify that all forms containing sensitive information have disabled client side caching, including autocomplete features.)
- 18 Jun 2013 10:11 (diff | hist) . . (0) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.4 Verify that all cached or temporary copies of sensitive data sent to the client are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data (e.g., the proper no-cache and no-store Cache-C)
- 18 Jun 2013 10:11 (diff | hist) . . (+11) . . SoftwareSecurity2013/Group 2/Verdict (→V9.5 Verify that all cached or temporary copies of sensitive data stored on the server are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data.)
- 18 Jun 2013 10:11 (diff | hist) . . (+11) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.4 Verify that all cached or temporary copies of sensitive data sent to the client are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data (e.g., the proper no-cache and no-store Cache-C)
- 18 Jun 2013 10:09 (diff | hist) . . (-6) . . SoftwareSecurity2013/Group 2/Reflection
- 18 Jun 2013 09:43 (diff | hist) . . (+349) . . SoftwareSecurity2013/Group 2/Verdict (→V9.5 Verify that all cached or temporary copies of sensitive data stored on the server are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data.)
- 18 Jun 2013 09:43 (diff | hist) . . (+7) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.2 Verify that the list of sensitive data processed by this application is identified, and that there is an explicit policy for how access to this data must be controlled, and when this data must be encrypted (both at rest and in transit). Verif)
- 18 Jun 2013 09:42 (diff | hist) . . (+348) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.4 Verify that all cached or temporary copies of sensitive data sent to the client are protected from unauthorized access or purged/invalidated after the authorized user accesses the sensitive data (e.g., the proper no-cache and no-store Cache-C)
- 18 Jun 2013 09:41 (diff | hist) . . (+2,913) . . SoftwareSecurity2013/Group 2/Verdict (/* V9.2 Verify that the list of sensitive data processed by this application is identified, and that there is an explicit policy for how access to this data must be controlled, and when this data must be encrypted (both at rest and in transit). Verif)
- 18 Jun 2013 09:41 (diff | hist) . . (+1,389) . . SoftwareSecurity2013/Group 2/Verdict (→V9.1 Verify that all forms containing sensitive information have disabled client side caching, including autocomplete features.)
- 17 Jun 2013 14:00 (diff | hist) . . (+46) . . SoftwareSecurity2013/Group 2/Log
- 17 Jun 2013 13:58 (diff | hist) . . (+746) . . SoftwareSecurity2013/Group 2/Reflection
- 17 Jun 2013 13:40 (diff | hist) . . (-5) . . SoftwareSecurity2013/Group 2 (→Deliverables)
- 12 Jun 2013 18:06 (diff | hist) . . (+641) . . SoftwareSecurity2013/Group 2/Reflection
- 11 Jun 2013 15:46 (diff | hist) . . (+273) . . SoftwareSecurity2013/Group 2/Log
- 11 Jun 2013 15:38 (diff | hist) . . (+3) . . SoftwareSecurity2013/Group 2/Intro
- 11 Jun 2013 15:38 (diff | hist) . . (+684) . . N SoftwareSecurity2013/Group 2/Intro (New page created with 'Buddypress is a plug-in which should give wordpress social network features. BuddyPress lets users sign-up and start creating profiles, posting messages, making connec...')
- 11 Jun 2013 15:20 (diff | hist) . . (+144) . . SoftwareSecurity2013/Group 2 (→Deliverables)
- 11 Jun 2013 15:16 (diff | hist) . . (+688) . . SoftwareSecurity2013/Group 2/Code Scanning (→Fortify)
- 11 Jun 2013 15:03 (diff | hist) . . (+12) . . SoftwareSecurity2013/Group 2/Code Scanning
- 11 Jun 2013 15:03 (diff | hist) . . (-2) . . SoftwareSecurity2013/Group 2/Code Scanning
- 11 Jun 2013 15:02 (diff | hist) . . (-122) . . SoftwareSecurity2013/Group 2/Code Scanning
- 11 Jun 2013 15:01 (diff | hist) . . (+3,025) . . SoftwareSecurity2013/Group 2/Code Scanning
- 4 Jun 2013 13:13 (diff | hist) . . (+1,381) . . SoftwareSecurity2013/Group 2/Code Scanning (→Fortify)
- 3 Jun 2013 18:12 (diff | hist) . . (+122) . . SoftwareSecurity2013/Group 2/Code Scanning Reflection (→RATS)
- 3 Jun 2013 18:10 (diff | hist) . . (+422) . . SoftwareSecurity2013/Group 2/Code Scanning Reflection (→Fortify)
- 3 Jun 2013 18:06 (diff | hist) . . (+267) . . SoftwareSecurity2013/Group 2/Code Scanning Reflection (→RATS)