Preface

This workbook is based on intensive research and evaluated by a master's thesis created by Moritz Hüther at the Technical University of Munich in cooperation with msg Research.

It describes common vulnerabilities in developing and operating web-based software. Each security risk contains a short overview over its theoretical background and also insights into concrete implementations using frameworks and libraries. Based on literature, the OWASP Foundation, NIST and the BSI the solutions for these security risks implemented through frameworks and/or libraries are evaluated.

The security risks follow two the categories OWASP 2021 and General:

• Under OWASP 2021, a breakdown of OWASP's top 10 web application security risks of 2021 can be found.
• General contains different tips and tricks to deal with security in web applications that exceed OWASP's list.
• Code Examples provides real examples of the security risks.

The Web Security Workbook is copyrighted by msg and distributed under a Creative Commons BY-NC-ND 4.0 International License (opens new window). You may freely share this content for non-commercial purposes, with a source credited to https://websecurityworkbook.com (opens new window).

Disclaimer

The information in this book is provided without warranty. The authors and publishers have neither liability nor responsibility to any person or entity related to any loss or damages arising from the informationen contained in this book.