WAF
WAF
WAF
Jason Haley
September 2017
JASON HALEY
Salem, MA
Jason Haley Consulting LLC
Azure & Angular Consultant
Microsoft Azure MVP
@halejason
http://jasonhaley.com
1. Injection
2. Broken Authentication and Session Management
3. Cross-Site Scripting (XSS)
4. Insecure Direct Object References
5. Security Misconfigurations
6. Sensitive Data Exposure
7. Missing Function Level Access Control
8. Cross-Site Request Forgery (CSRF)
9. Using Known Vulnerable Components
10. Unvalidated Redirects and Forwards
PENETRATION TEST (PEN TEST)