Safety of Web Applications

1: Why Do Web Applications Need to be Secure?

• Abstract
• 1.1 What is a web application?
• 1.2 What is computer security?
• 1.3 Examples of damage caused by security failures

2: Estimating Risk

• Abstract
• 2.1 What is risk?
• 2.2 How can we protect ourselves from risk?
• 2.3 Determining the target
• 2.4 Determining the impact
• 2.5 Which causes or scenarios should be considered?
• 2.6 How should this study be performed in a company setting?

3: Encryption and Web Server Configuration

• Abstract
• 3.1 Examples of different web servers
• 3.2 Introduction to concepts in encryption
• 3.3 Generating and managing encryption certificates
• 3.4 Implementing the HTTPS protocol
• 3.5 Improving the security of the Apache server
• 3.6 In summary

4: Threats and Protecting Against Them

• Abstract
• 4.1 The threats associated with web-based environments
• 4.2 The top 10 most frequent attacks in 2013
• 4.3 Other countermeasures
• 4.4 Implementing a resource controller

5: Managing User Logins and Assigning Permissions

• Abstract
• 5.1 Managing user logins
• 5.2 Managing permissions
• 5.3 In summary

6: Using the MVC Model to Structure the Application

• Abstract
• 6.1 Why does the application structure matter?
• 6.2 What is the MVC model?
• 6.3 Conclusion

7: Implementing a Suitable Technical Platform and Testing the Application

• Abstract
• 7.1 Designing a suitable technical architecture
• 7.2 Testing the security of the application
• 7.3 What options do we have if implementing security measures for an application seems an impossible task?