OWASP (Open Web Application Security Project)
The Open Web Application Security Project (OWASP) is an open community empowering organizations to develop, purchase, and maintain trusted applications.
The goal of the project is to raise awareness about application security by identifying the most critical risks organizations are facing.
As part of a continuous improvement process, SAO performs a series of vulnerability tests on a semiannual basis. The tests are carried out by third-party entities, which guarantee the best practices used to develop software applications.
Cross site scripting (XSS)
Security misconfiguration
Missing function-level access control
Use of components with known vulnerabilities
Broken authentication and session management
Insecure direct object references
Sensitive Data Exposure
Cross Site Request Forgery (CSRF)
Unvalidated redirects and forwards