
Introduction

This document provides a focused analysis of the OWASP TOP 10:2021 guidelines, specifically mapped to the technologies used in our project. It provides:

  • Insights into Python code vulnerabilities and rules used for checking compliance with OWASP Standards, especially those related to server-side request forgeries.

  • Guidelines for Docker configurations, emphasizing the importance of SSL/TLS certificate verification and its implications across multiple OWASP categories.

  • A detailed look into JavaScript security checks and potential threats, centered around server-side request vulnerabilities.

While there are comprehensive OWASP summaries available, this document stands out by aligning those guidelines directly with our project's technological stack. It serves as a practical guide for developers aiming to bolster their code's security based on our specific tech environment.

All checks are integrated into the CI/CD pipeline and use SonarCloud Security Rules to find vulnerabilities.

The list of potential vulnerabilities was prepared on 11th October 2023.

List of key requirements for OWASP TOP 10:2021

...