Incomplete Blacklist

From OWASP
Revision as of 13:18, 11 April 2009 by KirstenS (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


This page was marked to be reviewed for deletion.


#REDIRECT Positive_security_model

Contents

Description

NOTE: This probably should be made into a principle - Don't use blacklist. New attacks are being developed everyday, which makes it difficult or nearly impossible in some cases to make a complete blacklist. Instead positive whitelist, which specifies what is allowed, should be used.

Examples

Related Threats

Related Attacks

Related Vulnerabilities

Related Countermeasures

Categories