Security Testing Handbook for Banking Applications
Authors: Arvind Doraiswamy, Sangita Pakala, Nilesh Kapoor
Language: English
Paperback – 31 Jan 2009
Price: 372.61 lei
Specifications
ISBN-13: 9781905356829
ISBN-10: 190535682X
Pages: 200
Dimensions: 140 x 216 x 12 mm
Weight: 0.26 kg
Publisher: IT Governance Ltd
Place of publication: United Kingdom
Contents
Introduction
  The threat landscape
  Defences employed
  Goal of the book
Chapter 1: Approach to Security Testing
  Preparing the threat profile
  Preparing the test plan
Chapter 2: Basic Tests and Techniques
  SQL injection
  Cross-site scripting (XSS)
  Cross-site request forgery (CSRF)
  Directory brute forcing/Searching for defaults
  Weak authorisations
  Weak session management
  Sensitive data in browser cache
  Over-reliance on client-side validation
  Unencrypted traffic
  Unhardened database
  Weak password policies
  Poor error-handling mechanisms
Chapter 3: The Tools of the Trade
  Web applications
  Thick-client applications
  Terminal services applications
  Intercepting Java applets
  Embedded application
  Web services application
  Mobile applications
Chapter 4: Security Testing Repository
  Generic threat profile and test plan
  Core banking
  Internet banking
  Web trading
  Derivatives trading
  Credit card payment management applications
  Debit card management system
  Mutual funds management
  Loan management application
  Cheque management application
  Overdraft calculator application
  Adjustments and waivers application
  Online remittance application
  Account opening tracker
  Back-office trading application
  Electronic payment switch
  Cash depositor
  Teller automation machines
  ATM reconciler application
  Balance viewer terminals
  Customer care centre application
  Interactive voice response system
  Fraud detection software
Chapter 5: Emerging Trends
  Emerging landscape of applications
  New attacks on the horizon
ITG Resources