ASF quiz

To increase the complexity of Software Development Lifecycle

To reduce the risk of attacks and data breaches

Public information that bank performs security testing will scare away potential hackers

To identify teams that create software with the worst quality

African Swine Flu

Application Security Framework

Affirmation Security Field

Black-box testing

Grey-box testing

Red-box tester

White-box tester

List of 10 most common web application vulnerabilities

List of 10 recent web applications hacks that made it to the news

List of 10 most critical security risks to web applications

List of most basic web application vulnerabilities

JavaScript alert(1) function allows execution of code on the server side

JavaScript alert(1) function allows exfiltration of victim’s cookies to the attacker

JavaScript alert(1) function is not a destructive as other JavaScript functions, such as console.log() or confirm()

JavaScript alert(1) function is a proof that JavaScript was executed in the context of a web page

SQL injection

Command injection

Server-Side Request Forgery

Cross-Site Scripting

Insecure coding

Implementation bugs

Design flaws

Black-box testing

Grey-box testing

Red-box testing

White-box testing