Bill Wood
Guest
Related to Mike’s list are items that are particularly troublesome.

· Obfuscation vs encryption (e.g. BASIC-AUTH obfuscates a Password, so it is not clear text, but you can recover the password from it.)
· WebSpeed and URL/Posts
· Personally Identifiable Information (PII) and how to avoid storing it in clear text (or in logs)

NOTE: some of these are simply handled by using SSL or TDE, but if you want to avoid discussing these, you need to point out the vulnerabilities that you need to handle in 4GL.
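The Basic-auth and logging points above, as an added example that is not part of the original post: a Python sketch showing that a Basic credential decodes with no key at all, and a scrubber that keeps the credential out of log text. The sample header, log lines, and function names are constructed for illustration.

```python
import base64
import re

# Constructed sample: the header a client sends for user "alice" (not from the post).
SAMPLE_HEADER = "Basic " + base64.b64encode(b"alice:S3cret:pw").decode("ascii")

# Constructed sample log lines that captured the request headers verbatim.
SAMPLE_LOG = (
    "12:00:01 POST /login HTTP/1.1\n"
    "12:00:01 Authorization: " + SAMPLE_HEADER + "\n"
    "12:00:01 Host: app.example\n"
)


def decode_basic(header):
    """Recover (user, password) from a Basic header; no key or secret is needed."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    # Split on the first ':' only, because the password may itself contain ':'.
    user, sep, password = raw.partition(":")
    if not sep:
        raise ValueError("malformed Basic credential")
    return user, password


# Matches "Authorization: <scheme> <credential>" anywhere in a log line.
_AUTH_RE = re.compile(
    r"(?i)((?:proxy-)?authorization:[ \t]*[A-Za-z]+)[ \t]+[A-Za-z0-9+/=._~-]+"
)


def scrub(log_text):
    """Redact the credential of logged Authorization headers, keeping the scheme."""
    return _AUTH_RE.sub(r"\1 [REDACTED]", log_text)


if __name__ == "__main__":
    print(decode_basic(SAMPLE_HEADER))  # encoding is reversible: treat as clear text
    print(scrub(SAMPLE_LOG))
```

Because the decode step needs no secret, a logged or stored Basic header has to be handled as a clear-text password, which is why the scrubber runs before anything is written.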