From the course: Programming Foundations: Web Security
Join today to access over 24,700 courses taught by industry experts.
Map exposure points and data passageways
From the course: Programming Foundations: Web Security
Map exposure points and data passageways
- Our final general security principle is to map your exposure points and data passageways. Remember the fundamental security equation from the beginning of this chapter? It was awareness + adequate protection = security. Mapping data movement and exposure increases awareness of vulnerabilities. Once we're aware of them, then we can protect them. You can't secure a door if you don't know it exists. Mapping helps to define the attack surface. The attack surface is made up of all points that are accessible to an attacker. It's where they could get data in or get data out. If you were mapping exposure points of a castle, the attack surface might be made up of walls, doorways, gates, bridges, and tunnels. You can think of your map as a security checklist. You may decide to create a list in a word processor or to draw diagrams on paper showing the paths that data takes. You should take inventory of where data enters your…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
Least privilege3m 33s
-
(Locked)
Simple is more secure2m 40s
-
(Locked)
Never trust users3m 7s
-
(Locked)
Expect the unexpected2m 10s
-
(Locked)
Defense in depth3m 23s
-
(Locked)
Resilience4m 31s
-
(Locked)
Security through obscurity3m 56s
-
(Locked)
Deny-listing and allow-listing3m 3s
-
(Locked)
Map exposure points and data passageways3m 34s
-
-
-
-