Web Security and Privacy
1. Introduction to Web Security and Privacy
2. Core Web Technologies and Security Models
3. Client-Side Vulnerabilities
4. Server-Side Vulnerabilities
5. Cryptography in Web Security
6. Authentication and Authorization
7. Web Privacy
8. Secure Development Lifecycle
9. Advanced Web Security Topics
Secure Development Lifecycle
  Secure Coding Practices
    Input Validation and Sanitization
      Whitelisting vs. Blacklisting
      Common Pitfalls
    Output Encoding
      Contextual Encoding
      Preventing Injection Attacks
    Principle of Least Privilege
      User Privileges
      Application Privileges
    Fail-Safe Defaults
      Secure Default Configurations
      Error Handling Defaults
    Avoiding Security by Obscurity
      Transparency in Security
      Limitations of Obscurity
  Security Testing and Auditing
    Static Application Security Testing
      Source Code Analysis
      Tool Selection
    Dynamic Application Security Testing
      Black-box Testing
      Automated Scanning Tools
    Interactive Application Security Testing
      Runtime Analysis
      Integration with CI/CD
    Manual Code Review
      Review Checklists
      Peer Review Processes
    Penetration Testing
      Scoping and Planning
      Reporting and Remediation
  Vulnerability Management
    Vulnerability Scanning
      Automated Scanners
      Interpreting Results
    Patch Management
      Patch Deployment Processes
      Patch Testing
    Bug Bounty Programs
      Program Design
      Coordinated Disclosure