Securing Web Applications before Deployment.
An analysis focused on various framework used to deploy web applications.
By Shritam Bhowmick Web Application Penetration Tester LinkedIn: https://www.linkedin.com/profile/view?id=281014248&trk=nav_responsive_tab_profile Academia: https://independent.academia.edu/ShritamBhowmick Facebook: https://www.facebook.com/coded32
Abstract
Dedicated vulnerability and bug researchers go deep into the application security aspects while studying application internals and there is a prominent rise in hidden attack vectors which are never common. There is a default common misconception among the developers that deploying applications which are vendor-enabled with 3rd party proprietary framework libraries will add security to the application. Libraries which the developers rely on are themselves vulnerable if properly dissected and studied. This brings business concerns to the business assets. The business assets could be anything from bank details to storing credit card information for customers to easily access such numbers for the ease of the customers. Although data integrity is maintained when storing and is encrypted, it takes a…
View original post 2,439 more words