Difference between revisions of "Category:Java"

From OWASP
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
While Java and J2EE contain many security technologies, it is not easy to produce an application without security vulnerabilities. Most application security [[:Category:Vulnerability|Vulnerabilities]] apply to Java applications just like other environments. The notable exception is [[Buffer overflow|buffer overflow]] and related issues that do not apply to Java applications.
+
This category should be used to tag any article that has to do with Java or J2EE. You may be interested in the [[:Category:OWASP Java Project]] for more information on Java and J2EE security.
  
==Securing the Java Environment==
+
[[Category:Technology]]
Verifier and Sandbox
+
[[Category:OWASP Java Project]]
JRE vs. JDK (precompile JSPs)
+
[[Category:Language]]
 
+
[[Category:Platform]]
 
+
==Securing Java Application Code==
+
Common vulnerabilities like...Runtime.exec, Statement, readline()
+
Dangers of native code, dynamic code, and reflection
+
Tools like PMD and FindBugs
+
Security mechanisms like logging, encryption, error handling
+
 
+
==Securing the J2EE Environment==
+
Minimize attack surface in web.xml
+
Configure error handlers
+
 
+
==Securing J2EE Application Code==
+
Vulnerabilities like...
+
Using J2EE filters for protection
+
Mechanisms like input validation, encoding
+
Common vulnerabilities like...
+
 
+
[[Category:Languages]]
+

Latest revision as of 08:40, 8 June 2006

This category should be used to tag any article that has to do with Java or J2EE. You may be interested in the Category:OWASP Java Project for more information on Java and J2EE security.

Subcategories

This category has the following 3 subcategories, out of 3 total.

O