The Tangled Web

Description

A guide to securing modern web applications
Ron Kuper
Mind Map by Ron Kuper, updated more than 1 year ago
Ron Kuper
Created by Ron Kuper almost 10 years ago
49
0

Resource summary

The Tangled Web
  1. Security in the World of Web Applications
    1. History of the Web
      1. GML
        1. IBM's Generalized Markup Language
          1. "this is a header", "this is a list"
          2. SGML
            1. Standard Generalized Markup Language
              1. HTML
                1. Focused on simplicity
                  1. Tim Berners-Lee and Dan Connolly
                    1. HyperText Markup Language
                      1. HTTP
                        1. HyperText Transfer Protocol
                          1. Dedicated scheme for accessing HTML resources using TCP/IP, DNS and file pathes concepts
                            1. Tim's WWW Project

                              Annotations:

                              • World Wide Web
                              1. 1991-1993
                                1. A browser that parsed HTML and allowed navigation from one page to another
                                  1. Tim Berners-Lee
                                    1. Mosaic Web Browser
                                      1. Netscape Navigator
                                        1. Spyglass Mosaic
                                          1. Microsoft Internet Explorer
                                2. 1960's
                                3. Microsoft XMLHttpRequest
                                  1. Web 2.0
                                  2. W3C - WWW Consortium
                                  3. Risk Management
                                    1. CWE
                                      1. Homeland Security
                                        1. Common Weakness Enumeration
                                          1. "Provide a common language"
                                          2. CVSS
                                            1. Common Vulnerability Scoring System
                                              1. method to quantify and score a vulnerability based on risk
                                            2. probability * maximum loss = risk
                                          3. Anatomy of the Web
                                            1. URLs
                                              1. HTTP
                                                1. HTML
                                                  1. CSS
                                                    1. Browser Scripts
                                                      1. Doc Types
                                                        1. Plug-ins
                                                        2. Browser Security
                                                          1. Content Isolation
                                                            1. Origin Inheritance
                                                              1. Outside Same-Origin
                                                                1. Other Boundaries
                                                                  1. Content Recognition
                                                                    1. Rouge Scripts
                                                                      1. Site Privileges
                                                                      2. Future
                                                                        1. New Security Features
                                                                          1. Other Browser Mechanisms
                                                                            1. Common Web Vulnerabilities
                                                                            Show full summary Hide full summary

                                                                            Similar

                                                                            1.5 Application and Security Controls
                                                                            DJ Perrone
                                                                            "The 1 Min Manager" Flashcards
                                                                            Rafael Testai
                                                                            "Enchantment" by Guy Kawasaki Flashcards
                                                                            Rafael Testai
                                                                            Blood Brothers (Characters)
                                                                            nuhaheza
                                                                            Biology Unit 1
                                                                            hannahsanderson1
                                                                            A-Level Law: Theft
                                                                            amyclare96
                                                                            Unit 2 flashcards
                                                                            C R
                                                                            Relationships in Streetcar
                                                                            Alanna Pearson
                                                                            untitled 2
                                                                            lola_smily
                                                                            Biology - B1 - AQA - GCSE - Keeping Healthy and Defending Against Infection
                                                                            Josh Anderson