Quellen, security
12 Quellen in /var/www/code/security/sources.yaml.
| ID | Titel | URL / Referenz | Publisher | Typ | Relevanz |
|---|---|---|---|---|---|
| OWASP_ASVS | OWASP Application Security Verification Standard | https://owasp.org/www-project-application-security-verification-standard/ | OWASP | security_standard | Systematische Verifikationsanforderungen fuer Webanwendungen. |
| OWASP_AUTH | OWASP Authentication Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html | OWASP | security_guidance | Auth-Flows, Reauth und Schutz sensibler Aktionen. |
| OWASP_SESSION | OWASP Session Management Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html | OWASP | security_guidance | Session-ID, Cookies, Timeout, Renewal und Logout. |
| OWASP_CSRF | OWASP Cross-Site Request Forgery Prevention Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html | OWASP | security_guidance | CSRF-Schutz fuer zustandsaendernde Requests. |
| OWASP_XSS | OWASP Cross Site Scripting Prevention Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html | OWASP | security_guidance | Kontextgerechtes Output-Encoding und sichere HTML-Ausgabe. |
| OWASP_FILE_UPLOAD | OWASP File Upload Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.html | OWASP | security_guidance | Upload-Validierung, Speicherung, Malware-Risiken und Zugriff. |
| OWASP_CSP | OWASP Content Security Policy Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html | OWASP | security_guidance | CSP als Defense-in-Depth gegen XSS. |
| OWASP_SECRETS | OWASP Secrets Management Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | OWASP | security_guidance | Sichere Verwaltung von Zugangsdaten, Tokens und Schluesseln. |
| OWASP_HEADERS | OWASP HTTP Headers Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.html | OWASP | security_guidance | Security Header fuer Browser-Schutzmechanismen. |
| OWASP_LOGGING | OWASP Logging Cheat Sheet | https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html | OWASP | security_guidance | PII, URLs, Header und sensible Daten duerfen nicht roh in Logs landen. |
| MDN_REFERRER_POLICY | Referrer policy configuration | https://developer.mozilla.org/en-US/docs/Web/Security/Practical_implementation_guides/Referrer_policy | MDN Web Docs | guidance | Query-Parameter mit sensiblen Informationen koennen ueber Referer weitergegeben werden. |
| LOCAL_GUI_RULES | Lokale GUI YAML Libraries | file:/var/www/code/gui | Projekt | local_policy | Modal-Verbot, Formular- und Tabellenverhalten. |