Questions tagged [prevention]
The prevention tag has no summary.
8 questions
0
votes
0
answers
162
views
Why does certification for datacenter equipment test for TEMPEST?
I wonder why certification (common criteria and stuff like that) of security critical hardware that is meant to be used in datacenters (e.g. link encryptors) includes some tests related to TEMPEST ...
- 109
0
votes
0
answers
147
views
Prevent XXS through file using WAF?
I encounter a scenario which the attacker create a .jpg file containing javascript code
and after uploading, the script will be executed on the browser while the .jpg file is displaying.
I configured ...
- 11
3
votes
1
answer
785
views
Retrieving CSRF token from third party website form using XHR (JavaScript)
I know they say CSRF tokens are the most secure way to prevent CSRF attacks but what if someone uses XHR to retrieve the page containing the csrf token along with the form and then use that token for ...
- 133
0
votes
1
answer
242
views
Zero Day Policies implementation
I'm new here, and sorry if my english is a little bit broken it's not my main language.
I'm trying to put together a document/ppt for my startup with a Zero Day policy structure.
But I'm not finding ...
- 103
2
votes
0
answers
717
views
Can Zeek (formerly Bro) be installed as in-line IPS?
I'm starting a comparison paper about inline Network IPS. I was looking for an opensource anomaly-based detection engine with IPS capabilities. The easiest choice seemed Zeek(formerly Bro) but from ...
- 21
1
vote
1
answer
341
views
Best Practices for exporting sensitive database data and transforming it whilist keeping it encrypted?
Say one has to export database data to use in another tool, such as an Excel Spreadsheet or for use as a csv file with some other program.
There's a problem with this, and that's that it ends up in ...
- 1,621
3
votes
2
answers
14k
views
XSS prevention via JavaScript
I am working on a XSS prevention via Javascript. I am using the following JS-Code for that:
(function () {
/*
XSS prevention via JavaScript
*/
var XSSObject = new Object();
XSSObject.lockdown = ...
- 141
3
votes
7
answers
7k
views
Backup is corrective control or a preventive control?
This is a theoritical question. There are preventive controls and corrective controls. So, is Backup a corrective control or a preventive control? There are mixed answers and mixed explainations. (...
- 527