Trending Application Security Discussions

Question added by Deleted user
9 years ago

How do you protect your application from Cross-Site Request Forgery (CSRF)?

What products and scanners have you used successfully for detection and remediation of CSRF?

Answers: 10
Views: 1031
Vote Count: 5
Answer added by Deleted user
9 years ago

1- Request confirmations to the user for critical actions, the risk of burdening the sequence of forms.
2- Request confirmation of the old password for the user to change ...

Answer added by Prashant Soni, Module Lead, Persistent Systems Ltd.
9 years ago

Anti-forgery tokens work because the malicious page cannot read the user’s tokens, due to same-origin policies. To prevent CSRF attacks, use anti-forgery tokens with any ...

Answer added by Rameez Ahmed Sayad, .Net Consultant, Proximus Luxembourg
9 years ago

The simplest method is to use an AntiForgery token; the antiforgery token should comprise a Salt (which needs to be changed regularly), some User specific data (username ...

Answer added by Anil Yadav, Manager - Group Internal Audit, Kotak Mahindra Bank
3 years ago

Yes, it is secure, as it is asking you to re-enter your credentials.

Answer added by Mohamed sayed, Senior Information Security consultant, SecureMisr
6 years ago

1- Using unpredictable random anti-forgery tokens
2- Using the SameSite flag in cookies
3- Avoid using HTTP GET requests in sensitive actions
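
The three measures in the last answer (unpredictable anti-forgery tokens, the SameSite cookie flag, no GET for sensitive actions) combined in one request gate. This is an added example, not code from any answer above; the function names, the `session` cookie name and the per-process `SERVER_KEY` are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

SERVER_KEY = secrets.token_bytes(32)   # assumption: per-process secret; persist it in real use
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def _mac(session_id: str, nonce: str) -> str:
    msg = f"{session_id}.{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str) -> str:
    """Return 'nonce.mac': an unpredictable nonce bound to one session."""
    nonce = secrets.token_urlsafe(32)  # URL-safe alphabet, never contains '.'
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    nonce, sep, mac_hex = (token or "").partition(".")
    if not sep or not nonce or not mac_hex:
        return False
    return hmac.compare_digest(_mac(session_id, nonce).encode(), mac_hex.encode())


def session_cookie_header(session_id: str) -> str:
    """Build the session cookie with SameSite, Secure and HttpOnly set."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["secure"] = True
    cookie["session"]["httponly"] = True
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


def allow_request(method: str, session_id: str, sensitive: bool, token: str = "") -> bool:
    """Sensitive actions need an unsafe method plus a valid session-bound token."""
    if method.upper() in SAFE_METHODS:
        return not sensitive           # never change state over GET/HEAD/OPTIONS
    return token_is_valid(session_id, token)
```

Binding the token to the session identifier means a token issued to one session is rejected when replayed under another.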