Difference between revisions of "Category:OWASP Java Project"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 +
{{Template:Stub}}
 +
 
While Java and J2EE contain many security technologies, it is not easy to produce an application without security vulnerabilities. Most application security [[:Category:Vulnerability|Vulnerabilities]] apply to Java applications just like other environments. The notable exception is [[Buffer overflow|buffer overflow]] and related issues that do not apply to Java applications.
 
While Java and J2EE contain many security technologies, it is not easy to produce an application without security vulnerabilities. Most application security [[:Category:Vulnerability|Vulnerabilities]] apply to Java applications just like other environments. The notable exception is [[Buffer overflow|buffer overflow]] and related issues that do not apply to Java applications.
  
Line 23: Line 25:
  
 
[[Category:Platform]]
 
[[Category:Platform]]
 
{{Template:Stub}}
 

Revision as of 21:46, 24 May 2006

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.


While Java and J2EE contain many security technologies, it is not easy to produce an application without security vulnerabilities. Most application security Vulnerabilities apply to Java applications just like other environments. The notable exception is buffer overflow and related issues that do not apply to Java applications.

Contents

Securing the Java Environment

Verifier and Sandbox JRE vs. JDK (precompile JSPs)


Securing Java Application Code

Common vulnerabilities like...Runtime.exec, Statement, readline() Dangers of native code, dynamic code, and reflection Tools like PMD and FindBugs Security mechanisms like logging, encryption, error handling

Securing the J2EE Environment

Minimize attack surface in web.xml Configure error handlers

Securing J2EE Application Code

Vulnerabilities like... Using J2EE filters for protection Mechanisms like input validation, encoding Common vulnerabilities like...

Subcategories

This category has the following 2 subcategories, out of 2 total.

J

  • Java(3 C, 49 P)

O

Media in category "OWASP Java Project"

This category contains only the following file.