Table of Contents
- Title and Copyright Information
- Preface
- 1 How to address the OWASP Top10 in Oracle Banking Corporate Lending
- 1.1 Injection
- 1.2 Broken Authentication and Session Management
- 1.3 Cross-Site Scripting (XSS)
- 1.4 Insecure Direct Object References
- 1.5 Security Misconfiguration
- 1.6 Sensitive Data Exposure
- 1.7 Missing Function Level Access Control
- 1.8 Cross-Site Request Forgery (CSRF)
- 1.9 Using Components with Known Vulnerabilities
- 1.10 Unvalidated Redirects and Forwards Network Security
- 2 Securing Gateway Services
- 2.1 Inbound Application Integration
- 2.2 EJB Based Synchronous Deployment Pattern
- 2.3 Web Services Based Synchronous Deployment Pattern
- 2.4 HTTP Servlet Based Synchronous Deployment Pattern
- 2.5 MDB Based Asynchronous Deployment Pattern
- 2.6 Outbound Application Integration
- 2.7 Securing Web Services
- 2.8 Accessing Service and Operation
- 2.9 Gateway Password Generation Logic for External System Authentication
- 2.10 XSD Validation and Input Validation
- 2.11 List of Services
- 2.12 List of Interfaces