Introduction
This document provides a focused analysis of the OWASP Top 10:2021 guidelines, mapped specifically to the technologies used in our project. It provides:
Insights into Python code vulnerabilities and the rules used to check compliance with OWASP standards, especially those related to server-side request forgery (SSRF).
Guidelines for Docker configurations, emphasizing the importance of SSL/TLS certificate verification and its implications across multiple OWASP categories.
A detailed look into JavaScript security checks and potential threats, centered around server-side request vulnerabilities.
While there are comprehensive OWASP summaries available, this document stands out by aligning those guidelines directly with our project's technological stack. It serves as a practical guide for developers aiming to bolster their code's security based on our specific tech environment.
All checks are integrated into the CI/CD pipeline and use SonarCloud Security Rules to find vulnerabilities.
The list of potential vulnerabilities was prepared on 11th October 2023.
List of key requirements for OWASP Top 10:2021
...