Database Reference
In-Depth Information
The application security perspective
From the application security perspective, OWASP's top ten list of concerns, available at
ht-
tps://www.owasp.org/index.php/Top_10_2013-Top_10
,
seems to always surround injection,
such as SQL injection, broken authentication, and
cross-site scripting
(
XSS
). Once an or-
ganization puts a product in production, they usually have policies in place for the com-
pany's security personnel to scan the product at will. Not all organizations have these
policies in place, but once an organization attaches their product to the Internet, there are
armies of hackers that may try various methods to attack the site, depending on whether
there is money to be gained or not. Money comes in a new economy these days in the form
of using a site as a proxy to stage other attacks, or to grab usernames and passwords that a
user may have for a different system in order to acquire a user's identity or financial in-
formation. Many companies have suffered bankruptcy over the last decades thinking that
they were secure.
NSB offers processing pieces to the backend that would normally be behind a firewall to
provide some protection. Firewalls provide some protection as well as
Intrusion Detection
Systems
(
IDSes
), but there is so much white noise for viruses and scans that many real
hack attacks may go unnoticed, except by very skilled antihackers. NSB offers additional
layers of security by using queuing and messaging. The messages can be encrypted, and the
queues may be set for limited authorization from production administrators.
