From aceb07718aa45bb994e595fa23308bcb07d01c2b Mon Sep 17 00:00:00 2001 From: Marcin Zelent Date: Wed, 30 May 2018 14:51:32 +0200 Subject: Updated references --- references.bib | 130 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 references.bib (limited to 'references.bib') diff --git a/references.bib b/references.bib new file mode 100644 index 0000000..8b7b5ae --- /dev/null +++ b/references.bib @@ -0,0 +1,130 @@ +@book{wahh, + author = "Dafydd Stuttard and Marcus Pinto", + title = "The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition", + year = "2011", + publisher = "John Wiley \& Sons Inc", + isbn = "978-111802647" +} + +@techreport{owasptop10, + title = "OWASP Top 10 - 2017 (The Ten Most Critical Web Application Security Risks)", + url = "https://www.owasp.org/images/7/72/OWASP_Top_10-2017_(en).pdf.pdf", + institution = "The OWASP Foundation", + year = "2017" +} + +@misc{lyndaowasptop10, + author = "Caroline Wong", + title = "Learning the OWASP Top 10", + url = "https://lynda.com/IT-Infrastructure-tutorials/Learning-OWASP-Top-10/642483-2.html", + publisher = "Lynda.com", + year = "2018" +} + +@misc{cerntalk, + author = "Michael Coates", + title = "Application Security - Understanding, Exploiting and Defending against Top Web Vulnerabilities", + url = "https://youtu.be/sY7pUJU8a7U", + publisher = "CernerEng", + year = "2014" +} + +@article{mobappsec, + author = "Sarah Vonnegut", + title = "Mobile Application Security: 15 Best Practices for App Developers", + journal = "Checkmarx", + month = "8", + year = "2015", + url = "https://www.checkmarx.com/2015/08/19/mobile" +} + +@techreport{sbd, + title = "Security by Design Principles", + url = "https://owasp.org/index.php?title=Security_by_Design_Principles&oldid=220008", + institution = "The OWASP Foundation", + year = "2016" +} + +@techreport{sdl, + title = "Simplified Implementation of the Microsoft SDL", + url = "https://microsoft.com/sdl", + institution = "Microsoft Corporation", + year = "2010" +} + +@techreport{whatisappsec, + title = "What is application security", + publisher = "Veracode", + url = "http://vera.cd/1Qo7OHa", + year = "2015" +} + +@article{appsecimp, + author = "Melissa Francis", + title = "The Importance of Application Security: A Few of the Benefits and Risks", + journal = "Veracode", + month = "1", + year = "2017", + url = "https://www.veracode.com/blog/intro-appsec/importance-application-security-few-benefits-and-risks" +} + +@article{yahoobreaches, + author = "Jonathan Stempel", + title = "Data breach victims can sue Yahoo in the United States: judge", + journal = "Reuters", + month = "3", + year = "2018", + url = "https://www.reuters.com/article/us-verizon-yahoo-breach/data-breach-victims-can-sue-yahoo-in-the-united-states-judge-idUSKCN1GO1TL" +} + +@article{iotsec, + author = "Lisa Froelings", + title = "Cybersecurity Threats in the Age of IoT", + journal = "CSO", + month = "2", + year = "2018", + url = "https://www.cso.com.au/article/632981/cybersecurity-threats-age-iot/" +} + +@article{stolendata, + title = "What do Hackers do with Your Stolen Identity?", + journal = "Trend Micro", + month = "6", + year = "2017", + url = "https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/what-do-hackers-do-with-your-stolen-identity" +} + +@techreport{sqlinjection, + title = "SQL Injection", + institution = "The OWASP Foundation", + year = "2016", + url = "https://www.owasp.org/index.php?title=SQL_Injection&oldid=212863" +} + +@techreport{rfi, + title = "Testing for Remote File Inclusion", + institution = "The OWASP Foundation", + year = "2014", + url = "https://www.owasp.org/index.php?title=Testing_for_Remote_File_Inclusion&oldid=180313" +} + +@techreport{cmdinjection, + title = "Command Injection", + institution = "The OWASP Foundation", + year = "2016", + url = "https://www.owasp.org/index.php?title=Command_Injection&oldid=220078" +} + +@techreport{injectionprev, + title = "SQL Injection Prevention Cheat Sheet", + institution = "The OWASP Foundation", + year = "2018", + url = "https://www.owasp.org/index.php?title=SQL_Injection_Prevention_Cheat_Sheet&oldid=237384" +} + +@techreport{xss, + title = "Cross-site Scripting (XSS)", + institution = "The OWASP Foundation", + year = "2018", + url = "https://www.owasp.org/index.php?title=Cross-site_Scripting_(XSS)&oldid=238389" +} -- cgit v1.2.3