Across
- 3. parses the code and identify constructs that seem to introduce threats.(4, 7)
- 8. technique used to attack data driven applications through code injection (3, 9)
- 10. a weakness that makes a threat possible (13)
- 12. a software that controls the incoming and outgoing network traffic (8)
- 14. the degree of resistance to, or protection from, harm (8)
- 16. an open-source web application security project (5)
- 18. the act of confirming the truth of an attribute of an entity (14)
- 21. process of creating computer software (6)
- 22. an operating system (4)
- 24. provides remote access to a targeted computer system (6)
- 25. a type of network security attack where the attacker takes control of a communication (9)
Down
- 1. a method of bypassing normal authentication (8)
- 2. an attempt to acquire sensitive information by redirecting to a false site (8)
- 3. a safeguard that addresses a threat and mitigates risk (14)
- 4. a list of known good inputs (9)
- 5. an action taken to harm an asset (6)
- 6. dynamic application Security testing (4)
- 7. a list of software weaknesses (3)
- 9. used by attackers to gain unauthorized access to systems or data (6, 8)
- 11. authentication, authorization and accounting (3)
- 13. cross-site Request Forgery (4)
- 15. a character encoding standard (7)
- 17. a malware program (5)
- 19. a possible danger that may act to breach security (6)
- 20. the art of writing or solving secret codes (12)
- 23. cross-site Scripting (3)