Question
A frontend developer must harden security for the company's new web application. The developer notices that some vulnerabilities include broken authentication, cross-site scripting, and Structured Query Language (SQL) injection attacks.
Which of the following could provide resources to solve the issues afflicting the company's website?
answer
PCI DSS
ISO 27000 series
CIS benchmarks
OWASP
Answers
GPT-4o mini
To address the vulnerabilities mentioned (broken authentication, cross-site scripting, and SQL injection attacks), the most relevant resource would be **OWASP (Open Web Application Security Project)**.
OWASP provides actionable guidance and tools specifically aimed at improving web application security, including detailed explanations of common vulnerabilities, how to prevent them, and best practices for secure coding.
While the other options such as PCI DSS, ISO 27000 series, and CIS benchmarks provide important security frameworks and guidelines, they are broader in focus and not as specific to web application security as OWASP resources.
Therefore, for the specific issues of broken authentication, XSS, and SQL injection, OWASP would be the most effective starting point.