OWASP Cheat Sheet – Cryptographic Storage. Introduction: This article provides a simple model to follow when implementing solutions to protect data at rest. Passwords should not...
OWASP Cheat Sheet – AJAX Security. Introduction: This document will provide a starting point for AJAX security and will hopefully be updated and expanded reasonably often...
OWASP Cheat Sheet – DOM based XSS Prevention. Introduction: When looking at XSS (Cross-Site Scripting), there are three generally recognized forms of XSS: Reflected or Stored; DOM Based XSS....
OWASP Cheat Sheet – Abuse Case. Introduction: Often when the security level of an application is mentioned in requirements, the following expressions are met: The application must be...
OWASP Cheat Sheet – Database Security. Introduction: This cheat sheet provides guidance on securely configuring and using the SQL and NoSQL databases. It is intended to...
OWASP Cheat Sheet – Access Control. Introduction: Authorization may be defined as “the process of verifying that a requested action or service is approved for a...
OWASP Cheat Sheet – Denial of Service. Introduction: This sheet is focused on providing an overall, common overview with an informative, straight to the point guidance to...
OWASP Cheat Sheet – Attack Surface Analysis. What is Attack Surface Analysis and Why is it Important: This article describes a simple and pragmatic way of doing...
OWASP Cheat Sheet – Deserialization. Introduction: This article is focused on providing clear, actionable guidance for safely deserializing untrusted data in your applications. What is...
OWASP Cheat Sheet – Authentication. Introduction: Authentication is the process of verifying that an individual, entity or website is whom it claims to be. Authentication in...