Course: Programming Foundations: Web Security
Expect the unexpected
- Our next core security principle is to always expect the unexpected. Security is not like chess, where you can watch someone's move and then respond to it. Security has to be proactive, not reactive. You must assume that you will be hacked. Your job is to figure out how it will happen ahead of time. You have to prevent the crime before it happens. It's sometimes referred to as a mystery in reverse. This task may seem daunting until you gain some experience doing it. You have to consider each part of your website and ask, what are all the things that a user could try? Often, vulnerabilities are found in what we call edge cases. Most users will use a website exactly as we expect. It's easy for us to plan for those cases when we build the site. The well-worn path should not have any bugs or unexpected quirks. A few users will take unexpected actions. Our code needs to anticipate and handle these extraordinary cases…
Contents
- Least privilege (3 min 33 sec)
- Simple is more secure (2 min 40 sec)
- Never trust users (3 min 7 sec)
- Expect the unexpected (2 min 10 sec)
- Defense in depth (3 min 23 sec)
- Resilience (4 min 31 sec)
- Security through obscurity (3 min 56 sec)
- Deny-listing and allow-listing (3 min 3 sec)
- Map exposure points and data passageways (3 min 34 sec)