Web Application Security

GPTKB entity

Statements (53)
Predicate Object
gptkbp:instanceOf Field of Computer Security
gptkbp:address gptkb:Cross-site_request_forgery_(CSRF)
gptkb:Cross-site_scripting_(XSS)
SQL injection
Broken authentication
Directory traversal
Insecure deserialization
Insufficient logging and monitoring
Remote code execution
Security misconfiguration
Sensitive data exposure
gptkbp:focusesOn Protecting web applications from threats
https://www.w3.org/2000/01/rdf-schema#label Web Application Security
gptkbp:includes Authorization
Authentication
Data encryption
Input validation
Session management
Vulnerability assessment
gptkbp:relatedTo gptkb:OWASP_Top_Ten
gptkb:Content_Security_Policy_(CSP)
gptkb:TLS/SSL
gptkb:DevSecOps
gptkb:Web_Application_Firewall_(WAF)
HTTPS
CAPTCHA
Multi-factor authentication
Security audits
Access control
API security
Output encoding
Session hijacking
Penetration testing
Patch management
Bug bounty programs
Cookie security
Dynamic application security testing (DAST)
Input sanitization
Least privilege principle
Secure coding practices
Security awareness training
Security by design
Security headers
Security testing tools
Software Composition Analysis (SCA)
Static application security testing (SAST)
Threat modeling
Vulnerability disclosure
Vulnerability scanners
Zero-day vulnerabilities
gptkbp:bfsParent gptkb:Web_Security_Interest_Group
gptkb:F5_Advanced_WAF
gptkbp:bfsLayer 5