Summary

We started this chapter by defining the fundamental concepts and terminology that pertain to vulnerabilities and attacks. That built the foundation for a detailed description of vulnerability classes, their associated attacks, and finally the practical controls to counter them. At the time of this writing, the attack page of OWASP contains 61 large classes of attacks, many of which contain subcategories; the CVE master database reports 43638 vulnerability incidents, and NIST's NVD reports 43462 software flaws. In this chapter, you learned details of only a very small subset of the total known vulnerabilities and attacks, but the information you learned was arguably the most important. Computer security, however, is a very active field, and the curious reader is encouraged to keep the authors' company and stay abreast of the latest vulnerabilities and attacks.
