Published by Delphia Arnold. Modified over 8 years ago.

Cheng Tang
U.S. Department of Education
2012 Software Developers Webinar #3
PII Updates

Agenda
- FSA Strategic Security Plans
- PII Update
- Software Security
- Programming Security
- Input Validation
- References

FSA Strategic Security Plans
- TFA
- Identity Management
- Logging and Alerting
- Cloud

PII Update
- Keylogger trending downward
- Breaches trending upward
- Privileged accounts being secured by TFA
- Student accounts still using SSN/PIN

Software Security
Common Application Vulnerabilities
- Input Validation
- XSS, CSRF, SQL Injection
- Hidden Variables
- Cookie Forgery
- Response Splitting
- Parameter Manipulation

Programming Security
Input Validation Basics
- Client-side versus Server-side
- Decode Input
- Blacklist/Whitelist
- Validation Input
- Database Parameterization
- Encode/Escaping Output
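
The steps on this slide, run server-side in order (decode, whitelist validation, parameterized query, output encoding), as an added example that is not part of the original presentation. The account-id format, the table, and all function names are assumptions made for illustration.

```python
import html
import re
import sqlite3
from urllib.parse import unquote

# Constructed whitelist: two capital letters followed by six digits (assumed format).
ACCOUNT_ID = re.compile(r"[A-Z]{2}[0-9]{6}")


def decode_once(raw):
    """Percent-decode exactly once; refuse input that is still encoded afterwards."""
    decoded = unquote(raw, errors="strict")  # invalid UTF-8 raises a ValueError subclass
    if unquote(decoded) != decoded:
        raise ValueError("multiply-encoded input")
    return decoded


def validate_account_id(raw):
    """Server-side check; any client-side check is a convenience, not a control."""
    value = decode_once(raw)
    if not ACCOUNT_ID.fullmatch(value):  # whitelist: accept only the known-good shape
        raise ValueError("account id does not match whitelist")
    return value


def lookup(db, raw_id):
    """Return an HTML fragment for the account named by an untrusted request value."""
    account_id = validate_account_id(raw_id)
    # Parameterized query: the value is bound, never concatenated into the SQL text.
    row = db.execute(
        "SELECT display_name FROM accounts WHERE account_id = ?", (account_id,)
    ).fetchone()
    name = row[0] if row else "unknown"
    # Encode on output: stored data may contain markup even when the request was clean.
    return "<p>Account " + html.escape(account_id) + ": " + html.escape(name) + "</p>"


def demo_db():
    """In-memory database with one constructed row whose name contains markup."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (account_id TEXT PRIMARY KEY, display_name TEXT)")
    db.execute("INSERT INTO accounts VALUES (?, ?)", ("AB123456", "<b>Pat</b> O'Neil"))
    return db


if __name__ == "__main__":
    print(lookup(demo_db(), "%41B123456"))
```
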

References
Secure Application Coding
- https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
- Sans.org training
Privacy Breaches
- http://www.privacyrights.org

Contact Information
We appreciate your feedback and comments. Please contact me at:
Cheng Tang
Phone: (202) 377-4567
Cheng.Tang@ed.gov