Application Security Manager (ASM)
A web application firewall from F5 Networks that integrates with WhiteHat Security Sentinel's vulnerability management service. Sentinel users can update the security policy on a per-vulnerability basis to mitigate the risk of its exploitation while the vulnerability is being addressed in the Web application code.
Authentication
The process of verifying identity, ownership, and/or authorization.
Backdoor
Malicious code inserted into a program for the purposes of providing the author covert access to machines running the program.
Base 64
A method for encoding binary data into printable ASCII strings. Every byte of output maps to six bits of input (minus possible padding bytes).
Blacklist
When performing Input validation, the set of items that —if matched — result in the input being considered invalid. If no invalid items are found, the result is valid.
IP Address
A unique address assigned to a networked device, including computers, and servers.
Padding
Data added to a message that is not part of the message. For example, some block cipher modes require messages to be padded to a length that is evenly divisible by the block length of the cipher — i.e., the number of bytes that the cipher processes at once.
Policy
A set of rules employed by a Web application firewall that detect and block attempts to exploit a vulnerability in a Web application. All HTTP requests are assessed for strings that contain vulnerable parameters. Policy rules need to be maintained periodically.
Root User
A user with unlimited access to all operations on a computer.
Read Access
The ability to view the names of files in a directory, but not any other information such as file type, size, and so on.)
Web Application Firewall (WAF)
A device or software module that applies a set of policy rules to incoming traffic to block potential attacks on a Web application. Also known as a WAF.
Whitelist
When performing input validation, the set of items that, if matched, results in the input being accepted as valid. If there is no match to the whitelist, then the input is considered invalid. That is, a whitelist uses a ‘default deny’ policy.
Write Access
The ability to create, delete, change permissions, or rename files.
Post a Comment
I Love Hearing What My Readers Have To Say!
People Like You Have Helped To Make The Blog What Is Today!
So I Wanted To Thank You Personally For Sharing Your Thoughts.
I Read Comments First Thing In The Morning So Helpfully Yours Will Help Brighten Up My Day!