week4.md 1.08 KiB
# Week three report

Radek Valigura from now on just **Radek**.
Olli Mehtonen from now on just **Olli**.
Aapo Kauranen from now on just **Aapo**.

What have we done so far:
---

Radek:
- connected with the sentry
- wrote more tests
- played the “Privacy’s not dead!” game
- did OpenSSL Practice badge
- created new endpoints for users to use
- fixed issues and cleaned up the project a bit

Olli:
-

Aapo:
-

## OWASP security risks

1. Security Misconfiguration - Make sure that permissions and roles are properly configured on cloud services (on Azure).
2. Vulnerable and Outdated Components - Proper testing on the compatibility of different libraries we use together.
3. Security Misconfiguration - Let's not install any unnecessary features and frameworks, try to keep things minimal and not overloaded/complicated.
4. Identification and Authentication Failures - Let's not allow passwords that are too easy (needs to have minimum length, small and capital letters, numbers/symbols/letters mixed etc.).
5. Identification and Authentication Failures - Implement multifactor authentication, pretty basic.