Quellen, security

12 Quellen in /var/www/code/security/sources.yaml.

IDTitelURL / ReferenzPublisherTypRelevanz
OWASP_ASVSOWASP Application Security Verification Standardhttps://owasp.org/www-project-application-security-verification-standard/OWASPsecurity_standardSystematische Verifikationsanforderungen fuer Webanwendungen.
OWASP_AUTHOWASP Authentication Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.htmlOWASPsecurity_guidanceAuth-Flows, Reauth und Schutz sensibler Aktionen.
OWASP_SESSIONOWASP Session Management Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.htmlOWASPsecurity_guidanceSession-ID, Cookies, Timeout, Renewal und Logout.
OWASP_CSRFOWASP Cross-Site Request Forgery Prevention Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.htmlOWASPsecurity_guidanceCSRF-Schutz fuer zustandsaendernde Requests.
OWASP_XSSOWASP Cross Site Scripting Prevention Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.htmlOWASPsecurity_guidanceKontextgerechtes Output-Encoding und sichere HTML-Ausgabe.
OWASP_FILE_UPLOADOWASP File Upload Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.htmlOWASPsecurity_guidanceUpload-Validierung, Speicherung, Malware-Risiken und Zugriff.
OWASP_CSPOWASP Content Security Policy Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.htmlOWASPsecurity_guidanceCSP als Defense-in-Depth gegen XSS.
OWASP_SECRETSOWASP Secrets Management Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.htmlOWASPsecurity_guidanceSichere Verwaltung von Zugangsdaten, Tokens und Schluesseln.
OWASP_HEADERSOWASP HTTP Headers Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.htmlOWASPsecurity_guidanceSecurity Header fuer Browser-Schutzmechanismen.
OWASP_LOGGINGOWASP Logging Cheat Sheethttps://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.htmlOWASPsecurity_guidancePII, URLs, Header und sensible Daten duerfen nicht roh in Logs landen.
MDN_REFERRER_POLICYReferrer policy configurationhttps://developer.mozilla.org/en-US/docs/Web/Security/Practical_implementation_guides/Referrer_policyMDN Web DocsguidanceQuery-Parameter mit sensiblen Informationen koennen ueber Referer weitergegeben werden.
LOCAL_GUI_RULESLokale GUI YAML Librariesfile:/var/www/code/guiProjektlocal_policyModal-Verbot, Formular- und Tabellenverhalten.

Zurück zum Bereich