MSDN Magazine, September 2002
Michael Howard and Keith Brown
Content
- 1. Trust User Input at Your Own Peril
- 2. Protect Against Buffer Overruns
- 3. Prevent Cross-site Scripting
- 4. Don't Require sa Permissions
- 5. Watch that Crypto Code!
- 6. Reduce Your Attack Profile
- 7. Employ the Principle of Least Privilege
- 8. Pay Attention to Failure Modes
- 9. Impersonation is Fragile
- 10. Write Apps that Non-admins Can Actually Use