Security Testing Handbook for Banking Applications

Table of Contents

Introduction
  The threat landscape
  Defences employed
  Goal of the book

Chapter 1: Approach to Security Testing
  Preparing the threat profile
  Preparing the test plan

Chapter 2: Basic Tests and Techniques
  SQL injection
  Cross-site scripting (XSS)
  Cross-site request forgery (CSRF)
  Directory brute forcing/Searching for defaults
  Weak authorisations
  Weak session management
  Sensitive data in browser cache
  Over-reliance on client-side validation
  Unencrypted traffic
  Unhardened database
  Weak password policies
  Poor error-handling mechanisms

Chapter 3: The Tools of the Trade
  Web applications
  Thick-client applications
  Terminal services applications
  Intercepting Java applets
  Embedded application
  Web services application
  Mobile applications

Chapter 4: Security Testing Repository
  Generic threat profile and test plan
  Core banking
  Internet banking
  Web trading
  Derivatives trading
  Credit card payment management applications
  Debit card management system
  Mutual funds management
  Loan management application
  Cheque management application
  Overdraft calculator application
  Adjustments and waivers application
  Online remittance application
  Account opening tracker
  Back-office trading application
  Electronic payment switch
  Cash depositor
  Teller automation machines
  ATM reconciler application
  Balance viewer terminals
  Customer care centre application
  Interactive voice response system
  Fraud detection software

Chapter 5: Emerging Trends
  Emerging landscape of applications
  New attacks on the horizon

ITG Resources

About the Author

Arvind Doraiswamy leads Paladion's R&D team for Application Security. Arvind has tested 100+ banking applications and continuously refines the techniques used by Paladion to improve the quality of testing. He also contributes to the security testing database at www.vulnerabilityassessment.co.uk.

Sangita Pakala is the Project Director for the Application Security practice at Paladion. Sangita is the lead author of the OWASP Application Security FAQ, and co-author of "Application Security in the ISO 27001 Environment" from ITGP. She has been invited to present at the RSA Conference 2006 and ISACA Europe 2005.

Nilesh Kapoor is a Project Leader in Paladion's Application Security Testing team. Nilesh has tested 30+ applications including core banking applications, RTGS and ATM systems.

Prashant Verma is a Project Leader in Paladion's Application Security Testing team. Prashant has tested 30+ applications including Internet banking, fraud monitoring and teller automation applications.

Praveen Singh is a senior security engineer in Paladion's Application Security Testing team. Praveen has tested 30+ applications including payment systems, debit card management systems, loan management applications and core banking applications.

Raghu Nair is a senior security engineer in Paladion's Application Security Testing team. Raghu has tested 30+ applications including credit card management systems, derivatives trading applications and core banking applications.

Shalini Gupta is the Project Manager for Banking and Finance at Paladion. She has tested 100+ banking applications for security in the last three years. Her team has tested 400+ banking applications for 30 banks in the last seven years.
