ChrisJRutter
Member
Having been a Progress house since 1986 we are now wanting to offer internet access to our application. We have prototyped a portal using WebSpeed and sent it to a security consulting firm for review and penetration testing. Their findings indicate that WebSpeed fails on 5 our of the 10 key OWASP internet security standards being:
Has anyone had similar problems?
- A2: Cross-Site Scripting (XSS)
- A3: Broken Authentication and Session Management
- A4: Insecure Direct Object References
- A7: Insecure Cryptographic Storage
- A8: Failure to Restrict URL Access
Has anyone had similar problems?