本文共 1056 字，大约阅读时间需要 3 分钟。

The Web Application Security Frame is a set of categories you can use to scope security and improve your effectiveness.  It consists of the following categories:

• Auditing and Logging
• Authentication
• Authorization
• Configuration Management
• Cryptography
• Exception Management
• Input and Data Validation
• Sensitive Data
• Session Management

We created these categories during  to represent two things:

How do you use these to be more effective?  You use these categories to focus and prioritize your security work.  For example, if you know the most prevalent security issues occur in the input validation, authentication and authorization categories, you can start there.

You can immediately put the Web Application Security Frame into action.  when you perform Security Design Inspections or Security Code Inspections you can use the frame to walk categories of common security issues.  To do so, see the following:

For more information on the Web Application Security Frame, see .

转载地址：http://hglmb.baihongyu.com/