Cornucopia - Ecommerce Website Edition - Wiki Deck

Thank you for visiting OWASP.org. We recently migrated our community to a new web platform and regretably the content for this page needed to be programmatically ported from its previous wiki page. There’s still some work to be done.

Author: Darío De Filippis

Versioning

This wiki deck relates to version 1.10 EN of OWASP Cornucopia Ecommerce Website Edition (currently the only edition). The cards are available in other formats (DOC, PDF, print) from the main project pages.

The cross-references relate to the following versions of other OWASP and external resources:

OWASP SCP OWASP_Secure_Coding_Practices_Checklist v2
OWASP ASVS OWASP_Application_Security_Verification_Standard v2 (2014)
OWASP AppSensor AppSensor_DetectionPoints
CAPEC Mitre Common Attack Pattern Enumeration and Classification v1.7.1
SAFECode SAFECode Practical Security Stories and Security Tasks for Agile Development Environments July 2012

Deck

Data validation and encoding (VE)

2 3 4 5 6 7 8 9 10 J Q K A

Authentication (AT)

2 3 4 5 6 7 8 9 10 J Q K A

Session management (SM)

2 3 4 5 6 7 8 9 10 J Q K A

Authorization (AZ)

2 3 4 5 6 7 8 9 10 J Q K A

Cryptography (CR)

2 3 4 5 6 7 8 9 10 J Q K A

Cornucopia (C)

2 3 4 5 6 7 8 9 10 J Q K A

Wild Card (W)

Joker (A) Joker (B)

Category: Attack Category: Threat_Modeling Category:OWASP Project Category:OWASP_Builders Category:OWASP_Defenders Category:OWASP_Document Category:SAMM-SR-1 Category:SAMM-SR-2 Category:SAMM-TA-1 Category:SAMM-EG-2