The Tangled Web

Description

A guide to securing modern web applications
Ron Kuper
Mind Map by Ron Kuper, updated more than 1 year ago
Ron Kuper
Created by Ron Kuper about 9 years ago
45
0

Resource summary

The Tangled Web
  1. Security in the World of Web Applications
    1. History of the Web
      1. GML
        1. IBM's Generalized Markup Language
          1. "this is a header", "this is a list"
          2. SGML
            1. Standard Generalized Markup Language
              1. HTML
                1. Focused on simplicity
                  1. Tim Berners-Lee and Dan Connolly
                    1. HyperText Markup Language
                      1. HTTP
                        1. HyperText Transfer Protocol
                          1. Dedicated scheme for accessing HTML resources using TCP/IP, DNS and file pathes concepts
                            1. Tim's WWW Project

                              Annotations:

                              • World Wide Web
                              1. 1991-1993
                                1. A browser that parsed HTML and allowed navigation from one page to another
                                  1. Tim Berners-Lee
                                    1. Mosaic Web Browser
                                      1. Netscape Navigator
                                        1. Spyglass Mosaic
                                          1. Microsoft Internet Explorer
                                2. 1960's
                                3. Microsoft XMLHttpRequest
                                  1. Web 2.0
                                  2. W3C - WWW Consortium
                                  3. Risk Management
                                    1. CWE
                                      1. Homeland Security
                                        1. Common Weakness Enumeration
                                          1. "Provide a common language"
                                          2. CVSS
                                            1. Common Vulnerability Scoring System
                                              1. method to quantify and score a vulnerability based on risk
                                            2. probability * maximum loss = risk
                                          3. Anatomy of the Web
                                            1. URLs
                                              1. HTTP
                                                1. HTML
                                                  1. CSS
                                                    1. Browser Scripts
                                                      1. Doc Types
                                                        1. Plug-ins
                                                        2. Browser Security
                                                          1. Content Isolation
                                                            1. Origin Inheritance
                                                              1. Outside Same-Origin
                                                                1. Other Boundaries
                                                                  1. Content Recognition
                                                                    1. Rouge Scripts
                                                                      1. Site Privileges
                                                                      2. Future
                                                                        1. New Security Features
                                                                          1. Other Browser Mechanisms
                                                                            1. Common Web Vulnerabilities
                                                                            Show full summary Hide full summary

                                                                            Similar

                                                                            1.5 Application and Security Controls
                                                                            DJ Perrone
                                                                            "The 1 Min Manager" Flashcards
                                                                            Rafael Testai
                                                                            "Enchantment" by Guy Kawasaki Flashcards
                                                                            Rafael Testai
                                                                            GCSE French Edexcel High Frequency Verbs: Second Set
                                                                            alecmorley2013
                                                                            computer systems and programming quiz
                                                                            Molly Batch
                                                                            Physics GCSE AQA Unit 1 quiz
                                                                            Adorkable_dreamer
                                                                            Types and Components of Computer Systems
                                                                            Jess Peason
                                                                            An Inspector Calls - Inspector Goole
                                                                            Rattan Bhorjee
                                                                            B1.1.1 Diet and Exercise Flash Cards
                                                                            Tom.Snow
                                                                            Different types of transitions that can affect children and young people's development.
                                                                            302778