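% References on web and mobile application security.
%
% Conventions used in this file:
%   - one field per line, brace-delimited values, names as "Last, First";
%   - months use the predefined three-letter macros (jan, feb, ...), unquoted;
%   - acronyms and proper nouns in titles are brace-protected so styles that
%     sentence-case titles do not lowercase them.
%
% Citation integrity notes:
%   - Several OWASP wiki URLs carry an "oldid" parameter, which pins the
%     citation to one specific page revision. Keep that parameter when editing.
%   - No entry records when its URL was accessed. Add the access date (urldate
%     for biblatex, note for classic styles) once it is known.
%   - Most techreport entries and the stolendata article have no author field;
%     classic styles may warn about this. Confirm the intended attribution.

% The edition was moved out of the title into its own field. The ordinal-word
% form assumes classic BibTeX styles; biblatex prefers an integer.
% NOTE(review): the ISBN below has 12 digits, but an ISBN-13 has 13, so a digit
% appears to be missing. Verify it against the book.
@book{wahh,
  author    = {Stuttard, Dafydd and Pinto, Marcus},
  title     = {The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws},
  edition   = {Second},
  publisher = {John Wiley \& Sons Inc},
  year      = {2011},
  isbn      = {978-111802647},
}

% This entry cites the 2017 edition specifically. The list has been revised
% since, so use it for the 2017 ranking rather than as current guidance.
@techreport{owasptop10,
  title       = {{OWASP} {Top 10} - 2017 (The Ten Most Critical Web Application Security Risks)},
  institution = {The OWASP Foundation},
  year        = {2017},
  url         = {https://www.owasp.org/images/7/72/OWASP_Top_10-2017_(en).pdf.pdf},
}

% The source stored the provider under "publisher", which standard styles do
% not print for misc entries; it is carried in howpublished instead.
@misc{lyndaowasptop10,
  author       = {Wong, Caroline},
  title        = {Learning the {OWASP} {Top 10}},
  howpublished = {Lynda.com},
  year         = {2018},
  url          = {https://lynda.com/IT-Infrastructure-tutorials/Learning-OWASP-Top-10/642483-2.html},
}

% Same field move as above; the value is presumably the hosting channel name.
@misc{cerntalk,
  author       = {Coates, Michael},
  title        = {Application Security - Understanding, Exploiting and Defending against Top Web Vulnerabilities},
  howpublished = {CernerEng},
  year         = {2014},
  url          = {https://youtu.be/sY7pUJU8a7U},
}

% NOTE(review): the URL path ends at "/mobile", which looks cut short. Confirm
% that it still resolves to the cited article.
@article{mobappsec,
  author  = {Vonnegut, Sarah},
  title   = {Mobile Application Security: 15 Best Practices for App Developers},
  journal = {Checkmarx},
  month   = aug,
  year    = {2015},
  url     = {https://www.checkmarx.com/2015/08/19/mobile},
}

@techreport{sbd,
  title       = {Security by Design Principles},
  institution = {The OWASP Foundation},
  year        = {2016},
  url         = {https://owasp.org/index.php?title=Security_by_Design_Principles&oldid=220008},
}

@techreport{sdl,
  title       = {Simplified Implementation of the {Microsoft} {SDL}},
  institution = {Microsoft Corporation},
  year        = {2010},
  url         = {https://microsoft.com/sdl},
}

% techreport requires "institution"; the source had the organisation under
% "publisher", which that entry type ignores.
% NOTE(review): the URL is a shortened link served over plain HTTP. Readers
% cannot see its destination before following it, and the citation breaks if
% the shortener changes or drops the mapping. Replace it with the canonical
% HTTPS address of the cited page once that has been confirmed.
@techreport{whatisappsec,
  title       = {What is application security},
  institution = {Veracode},
  year        = {2015},
  url         = {http://vera.cd/1Qo7OHa},
}

@article{appsecimp,
  author  = {Francis, Melissa},
  title   = {The Importance of Application Security: A Few of the Benefits and Risks},
  journal = {Veracode},
  month   = jan,
  year    = {2017},
  url     = {https://www.veracode.com/blog/intro-appsec/importance-application-security-few-benefits-and-risks},
}

@article{yahoobreaches,
  author  = {Stempel, Jonathan},
  title   = {Data breach victims can sue {Yahoo} in the {United States}: judge},
  journal = {Reuters},
  month   = mar,
  year    = {2018},
  url     = {https://www.reuters.com/article/us-verizon-yahoo-breach/data-breach-victims-can-sue-yahoo-in-the-united-states-judge-idUSKCN1GO1TL},
}

@article{iotsec,
  author  = {Froelings, Lisa},
  title   = {Cybersecurity Threats in the Age of {IoT}},
  journal = {CSO},
  month   = feb,
  year    = {2018},
  url     = {https://www.cso.com.au/article/632981/cybersecurity-threats-age-iot/},
}

@article{stolendata,
  title   = {What do Hackers do with Your Stolen Identity?},
  journal = {Trend Micro},
  month   = jun,
  year    = {2017},
  url     = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/what-do-hackers-do-with-your-stolen-identity},
}

@techreport{sqlinjection,
  title       = {{SQL} Injection},
  institution = {The OWASP Foundation},
  year        = {2016},
  url         = {https://www.owasp.org/index.php?title=SQL_Injection&oldid=212863},
}

@techreport{rfi,
  title       = {Testing for Remote File Inclusion},
  institution = {The OWASP Foundation},
  year        = {2014},
  url         = {https://www.owasp.org/index.php?title=Testing_for_Remote_File_Inclusion&oldid=180313},
}

@techreport{cmdinjection,
  title       = {Command Injection},
  institution = {The OWASP Foundation},
  year        = {2016},
  url         = {https://www.owasp.org/index.php?title=Command_Injection&oldid=220078},
}

@techreport{injectionprev,
  title       = {{SQL} Injection Prevention Cheat Sheet},
  institution = {The OWASP Foundation},
  year        = {2018},
  url         = {https://www.owasp.org/index.php?title=SQL_Injection_Prevention_Cheat_Sheet&oldid=237384},
}

@techreport{xss,
  title       = {Cross-site Scripting ({XSS})},
  institution = {The OWASP Foundation},
  year        = {2018},
  url         = {https://www.owasp.org/index.php?title=Cross-site_Scripting_(XSS)&oldid=238389},
}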