Improving Web Application Security: Threats and Countermeasures

In This Chapter

• Designing input validation strategies

• Partitioning Web sites into open and restricted areas

• Implementing effective account management practices

• Developing effective authentication and authorization strategies

• Protecting sensitive data

• Protecting user sessions

• Preventing parameter manipulation

• Handling exceptions securely

• Securing an application s configuration management features

• Listing audit and logging considerations