Table of Contents
- Title and Copyright Information
- 1 Preface
- 2 About this Manual
- 3 How to Address the OWASP Top10 in Oracle Banking Payments
- Injection
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Missing Function Level Access Control
- Cross-Site Request Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Unvalidated Redirects and Forwards Network Security
- 4 Securing Gateway Services
- Inbound Application Integration
- EJB Based Synchronous Deployment Pattern
- Web Services Based Synchronous Deployment Pattern
- HTTP Servlet Based Synchronous Deployment Pattern
- MDB Based Asynchronous Deployment Pattern
- Outbound Application Integration
- Accessing Service and Operation
- Gateway Password Generation Logic for External System Authentication
- XSD Validation and Input Validation
- List of Services
- List of Interfaces