Application Security & Attack Mitigation - Coggle Diagram
Application Security & Attack Mitigation
Secure Development Practices
SSDLC
OWASP Testing Guide
Auth attacks
on-path (formerly MITM)
use encrypted comms
credentials
password spraying
credential stuffing
auth best practices
strong passwd requirements
strong password reset mechanisms
secure tokens
session management
OWASP cheat sheet
Best Practices
input validation
output encoding
parameterized queries
data protection
session management
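The "parameterized queries" practice above is the direct mitigation for the SQL injection item under the attacks branch. The following is an added example, not part of the Coggle diagram: a login check written both ways against a constructed in-memory SQLite table (the user names, passwords and the two payload strings are all made up for the demonstration), so the injection succeeds against the concatenated query and fails against the bound one.

```python
import sqlite3

# Constructed in-memory table for the demonstration (not real credentials).
# Real applications store salted password hashes, never plaintext; plaintext
# is used here only so the query shapes stay easy to read.
def _make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct horse battery staple"), ("admin", "s3cret")],
    )
    return conn


DB = _make_db()


def login_vulnerable(username: str, password: str) -> bool:
    """String concatenation: attacker-controlled text becomes SQL syntax."""
    sql = (
        "SELECT username FROM users WHERE username = '"
        + username + "' AND password = '" + password + "'"
    )
    return DB.execute(sql).fetchone() is not None


def login_parameterized(username: str, password: str) -> bool:
    """Parameterized query: input is bound as data by the driver and can
    never change the structure of the statement."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return DB.execute(sql, (username, password)).fetchone() is not None


# Two classic payloads (constructed): comment out the password clause, or
# turn the WHERE clause into a tautology.
PAYLOAD_COMMENT = "admin' --"
PAYLOAD_TAUTOLOGY = "' OR '1'='1"


if __name__ == "__main__":
    print("vulnerable, comment payload  :", login_vulnerable(PAYLOAD_COMMENT, "wrong"))
    print("vulnerable, tautology payload:", login_vulnerable("nobody", PAYLOAD_TAUTOLOGY))
    print("parameterized, comment       :", login_parameterized(PAYLOAD_COMMENT, "wrong"))
    print("parameterized, tautology     :", login_parameterized("nobody", PAYLOAD_TAUTOLOGY))
    print("parameterized, real creds    :", login_parameterized("alice", "correct horse battery staple"))
```

The placeholder syntax (`?`) is SQLite's; other drivers use `%s` or `:name`, but the property is the same: the statement text never contains user input. Input validation is still worth doing on top of this (length, character set), but it is not a substitute for binding.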
Recommending Controls
Overflow Attacks
buffer overflow
heap overflow
integer overflow
stack overflow
SQL Injection & XML Attacks
SQL injection
prompt injection
insecure direct object reference (IDOR)
XML attacks
XML bomb
XML External Entity
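Both XML items above (the entity-expansion bomb and XML External Entity injection) depend on a DTD: the bomb needs nested `<!ENTITY>` declarations, XXE needs an `<!ENTITY ... SYSTEM>` declaration, and neither can appear without a `<!DOCTYPE>`. The following is an added example, not from the Coggle diagram: a pre-parse gate that refuses any document declaring a DTD or entity and caps the size, then parses with the standard library. The three documents are constructed for the demonstration; the two hostile ones are never handed to the parser.

```python
import xml.etree.ElementTree as ET

# Constructed documents for the demonstration. The XXE and bomb payloads are
# the textbook shapes and are refused before parsing.
XXE_PAYLOAD = """<?xml version="1.0"?>
<!DOCTYPE data [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>
<data>&xxe;</data>"""

XML_BOMB = """<?xml version="1.0"?>
<!DOCTYPE lolz [
 <!ENTITY lol "lol">
 <!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
 <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
]>
<lolz>&lol3;</lolz>"""

BENIGN = """<?xml version="1.0"?>
<order id="1001"><item sku="A-1" qty="2"/></order>"""


class UnsafeXML(ValueError):
    """Raised for documents refused before any parsing takes place."""


def parse_untrusted_xml(text: str, max_bytes: int = 1_000_000) -> ET.Element:
    """Reject DTDs and oversized input, then parse with the stdlib parser.

    The check is deliberately conservative: a benign document that merely
    contains the text "<!ENTITY" inside a CDATA section is also refused.
    The size cap bounds the remaining, linear, cost of parsing.
    """
    if len(text.encode("utf-8")) > max_bytes:
        raise UnsafeXML("document exceeds %d bytes" % max_bytes)
    upper = text.upper()
    if "<!DOCTYPE" in upper or "<!ENTITY" in upper:
        raise UnsafeXML("DTD / entity declarations are not accepted")
    return ET.fromstring(text)


def accepted(text: str) -> bool:
    """True if the document passes the gate and parses; False if refused."""
    try:
        parse_untrusted_xml(text)
        return True
    except (UnsafeXML, ET.ParseError):
        return False


if __name__ == "__main__":
    for name, doc in [("benign", BENIGN), ("xxe", XXE_PAYLOAD), ("bomb", XML_BOMB)]:
        print(f"{name:7s} accepted={accepted(doc)}")
```

In production the same policy is usually enforced inside the parser (for Python, the `defusedxml` package disables DTD processing and entity expansion for the stdlib parsers); the string gate above is the portable fallback when the parser offers no such switch.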
Web App Attacks
directory traversal
XSS
reflected XSS
persistent (stored) XSS
file inclusion
remote
local
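Directory traversal and local file inclusion share one root cause (a user-controlled path reaching the filesystem) and one fix: resolve the path and prove it still lies under the intended root before opening anything. Remote file inclusion is the same parameter fed a URL instead. The following is an added example, not from the Coggle diagram; the web-root layout it builds in a temporary directory and the file contents are constructed for the demonstration.

```python
import os
import tempfile
from urllib.parse import unquote


class Forbidden(Exception):
    """Request rejected before any file I/O happens."""


def resolve_under(root: str, requested: str) -> str:
    """Map a user-supplied path onto a file strictly inside ``root``.

    Decodes percent-encoding once (the framework normally does this already),
    refuses NUL bytes and anything URL-shaped (remote file inclusion),
    resolves symlinks and ``..`` with realpath, and finally checks that the
    result is still under the real root. Absolute paths fail the same check
    because os.path.join discards ``root`` when the second argument is absolute.
    """
    requested = unquote(requested)
    if "\x00" in requested:
        raise Forbidden("NUL byte in path")
    if "://" in requested:
        raise Forbidden("remote include not allowed")
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, requested))
    try:
        inside = os.path.commonpath([root_real, candidate]) == root_real
    except ValueError:  # different drives on Windows
        inside = False
    if not inside:
        raise Forbidden("path escapes web root: %r" % requested)
    return candidate


def is_allowed(root: str, requested: str) -> bool:
    try:
        resolve_under(root, requested)
        return True
    except Forbidden:
        return False


def serve(root: str, requested: str) -> bytes:
    """Return the file's bytes, or raise Forbidden / FileNotFoundError."""
    with open(resolve_under(root, requested), "rb") as fh:
        return fh.read()


def make_demo_root() -> str:
    """Constructed layout: a public dir plus a secret file beside it.
    The temporary directory is intentionally left in place for inspection."""
    base = tempfile.mkdtemp(prefix="webroot-")
    public = os.path.join(base, "public")
    os.makedirs(os.path.join(public, "css"))
    with open(os.path.join(public, "css", "site.css"), "w") as fh:
        fh.write("body{}")
    with open(os.path.join(base, "secret.txt"), "w") as fh:
        fh.write("TOP SECRET")
    return public


if __name__ == "__main__":
    root = make_demo_root()
    for req in ["css/site.css", "css/../css/site.css", "../secret.txt",
                "%2e%2e/secret.txt", "/etc/passwd", "http://evil.example/x.txt"]:
        print(f"{req:30s} allowed={is_allowed(root, req)}")
```

For an include parameter that only ever selects among a handful of templates, an allowlist of names mapped to files is simpler and stronger than path checking; the resolution above is for the case where arbitrary files under a root are legitimately served.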
Session Hijacking (exploiting cookies)
XSRF/CSRF
cookie poisoning
Vulnerabilities & Mitigations
broken access control
implement proper access control
SSRF
validate user input
allowed hosts
firewall & network segmentation
secure coding practices
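The SSRF mitigations above (validate user input, allowed hosts) come down to one gate in front of the HTTP client: parse the URL, allow only known schemes, match the host exactly against an allowlist, and pin the port. The following is an added example, not from the Coggle diagram; the allowlist entries and every URL it checks are constructed, and it validates without performing any request.

```python
import ipaddress
from urllib.parse import urlparse

# Assumed allowlist for this example: host -> set of permitted ports.
# Exact host match only; a suffix match ("endswith") would let
# api.partner.example.attacker.test through.
ALLOWED_HOSTS = {
    "api.partner.example": {443},
    "reports.internal.example": {8443},
}
ALLOWED_SCHEMES = {"http", "https"}


class SSRFBlocked(ValueError):
    pass


def validate_outbound_url(url: str) -> str:
    """Return a normalized URL the client may fetch, or raise SSRFBlocked."""
    p = urlparse(url)
    if p.scheme not in ALLOWED_SCHEMES:          # file://, gopher://, ...
        raise SSRFBlocked(f"scheme not allowed: {p.scheme!r}")
    host = p.hostname                             # lower-cased; userinfo stripped,
    if not host:                                  # so user@host tricks do not help
        raise SSRFBlocked("no host in URL")
    # Literal IPs never match the allowlist anyway, but naming the reason helps
    # triage: link-local 169.254.169.254 is the cloud metadata endpoint.
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None and (ip.is_private or ip.is_loopback
                           or ip.is_link_local or ip.is_reserved):
        raise SSRFBlocked(f"internal address: {host}")
    if host not in ALLOWED_HOSTS:
        raise SSRFBlocked(f"host not in allowlist: {host}")
    try:
        port = p.port
    except ValueError:
        raise SSRFBlocked("invalid port")
    if port is None:
        port = 443 if p.scheme == "https" else 80
    if port not in ALLOWED_HOSTS[host]:
        raise SSRFBlocked(f"port {port} not allowed for {host}")
    query = f"?{p.query}" if p.query else ""
    return f"{p.scheme}://{host}:{port}{p.path or '/'}{query}"


def is_allowed_url(url: str) -> bool:
    try:
        validate_outbound_url(url)
        return True
    except SSRFBlocked:
        return False


if __name__ == "__main__":
    for u in ["https://api.partner.example/v1/report?id=7",
              "http://169.254.169.254/latest/meta-data/",
              "https://api.partner.example@169.254.169.254/",
              "https://api.partner.example.evil.test/",
              "file:///etc/passwd",
              "https://api.partner.example:8080/"]:
        print(f"{u:50s} allowed={is_allowed_url(u)}")
```

Two caveats the gate alone does not cover: the HTTP client must not follow redirects (or must re-validate every hop), and to defeat DNS rebinding it should resolve the validated host once and connect to that address. The firewall and network segmentation items above are the backstop for the case where the application-level check is bypassed.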
data poisoning (AI/ML)
data validation
data diversity
anomaly detection
robust models
regular auditing & testing