The Manager’s Guide to Web Application Security A Concise Guide to the Weaker Side of the Web

Front Matter....Pages i-xxiv
Understanding IT Security Risks....Pages 1-11
Types of Web Application Security Testing....Pages 13-20
Web Application Vulnerabilities and the Damage They Can Cause....Pages 21-46
Web Application Vulnerabilities and Countermeasures....Pages 47-79
How to Build Preventative Countermeasures for Web Application Vulnerabilities....Pages 81-94
How to Manage Security on Applications Written by Third Parties....Pages 95-98
Integrating Compliance with Web Application Security....Pages 99-110
How to Create a Business Case for Web Application Security....Pages 111-130
Parting Thoughts....Pages 131-132
COBIT® 5 for Information Security....Pages 133-145
Experian EI3PA Security Assessment....Pages 147-159
ISO/IEC 17799:2005 and the ISO/IEC 27000:2014 Series....Pages 161-163
North American Energy Council Security Standard for Critical Infrastructure Protection (NERC CIP)....Pages 165-176
NIST 800 Guidelines....Pages 177-178
Payment Card Industry (PCI) Data Security Standard Template for Report on Compliance for use with PCI DSS v3.0....Pages 179-196
Sarbanes-Oxley Security Compliance Requirements....Pages 197-198
Sources of Information....Pages 199-200
Back Matter....Pages 201-204