Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Adobe Experience Manager (AEM) - Taking Application Security to the Next Level | AEM Community Blog Seeding

kautuk_sahni
Community Manager
Community Manager

BlogImage.jpg

Adobe Experience Manager (AEM) - Taking Application Security to the Next Level by DAVID TRUCHE

Abstract

During one of our latest AEM projects here at 3|SHARE, we exposed our digital environment to an "Invasion Test" - an activity conducted to simulate an attacker looking to:
1. Identify the technical vulnerabilities of the application;
2. Determine the impact of compromising the confidentiality of internal data, integrity and availability of the application and its information;

The attacks were carried out in the Black-Box mode, in which the attacker has no information about the environment, simulating a hacker.

Define and Implement Security Headers
HTTP security headers can increase the security of your application. Once defined, these HTTP response headers can prevent certain vulnerabilities when running in modern browsers.

Enable Content Security Policy (CSP) on your Web Server
Content-Security-Policy is the name of an HTTP response header that modern browsers use to enhance the security of the document. The Content-Security-Policy header allows you to restrict how resources such as JavaScript, CSS, or pretty much anything that the browser loads.

CSP is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks.

Read Full Blog

Adobe Experience Manager (AEM) - Taking Application Security to the Next Level

Q&A

Please use this thread to ask the related questions.

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

0 Replies