A&B Chapter 2 - Security Requirements

Book Navigation

Previous Chapter Page Hub Next Chapter

Covered Topics

• XSS
• CSP
• Referrer-Policy
• HSTS
• Feature-Policy Header
• Expect CT Header
• HPKP
• Cookie Security

Chapter Notes

• Encryption goes two-ways while Hashing is only one way
• To protect against Third party vulnerabilities you should be scanning your repository at least daily, weekly as well as scan every time any code is released into production.
• Just add in the security headers, it doesn't add much extra coding and will protect your website against many attacks

Application Security Requirement Checklist