Across
- 3. a method of bypassing normal authentication (8)
- 5. cross-site Scripting (3)
- 8. a possible danger that may act to breach security (6)
- 9. an operating system (4)
- 11. a type of network security attack where the attacker takes control of a communication (9)
- 12. a weakness that makes a threat possible (13)
- 14. static application security testing (4)
- 16. parses the code and identify constructs that seem to introduce threats.(4, 7)
- 17. aprocess of converting data having many possible representations into a standard form (16)
- 21. a character encoding standard (7)
- 23. cross-site Request Forgery (4)
- 24. an open-standard application protocol for directory access (4)
- 25. provides pluggable dynamic authentication for applications and services (3)
- 27. technique used to attack data driven applications through code injection (3, 9)
- 28. an open-source web application security project (5)
Down
- 1. the art of writing or solving secret codes (12)
- 2. provides remote access to a targeted computer system (6)
- 3. used by attackers to gain unauthorized access to systems or data (6, 8)
- 4. a list of known good inputs (9)
- 6. the degree of resistance to, or protection from, harm (8)
- 7. the act of confirming the truth of an attribute of an entity (14)
- 10. dynamic application Security testing (4)
- 13. an attempt to acquire sensitive information by redirecting to a false site (8)
- 15. authentication, authorization and accounting (3)
- 17. a safeguard that addresses a threat and mitigates risk (14)
- 18. an action taken to harm an asset (6)
- 19. a list of software weaknesses (3)
- 20. a software that controls the incoming and outgoing network traffic (8)
- 22. process of creating computer software (6)
- 26. a malware program (5)