Adobe Experience Manager (AEM) - Taking Application Security to the Next Level | AEM Community Blog Seeding

Adobe Experience Manager (AEM) - Taking Application Security to the Next Level by DAVID TRUCHE

Abstract

During one of our latest AEM projects here at 3|SHARE, we exposed our digital environment to an "Invasion Test", an activity conducted to simulate an attacker looking to:
1. Identify the technical vulnerabilities of the application;
2. Determine the impact of compromising the confidentiality of internal data and the integrity and availability of the application and its information.

The attacks were carried out in black-box mode, in which the attacker has no information about the environment, simulating a hacker.

Define and Implement Security Headers
HTTP security headers can increase the security of your application. Once defined, these HTTP response headers can prevent certain vulnerabilities when running in modern browsers.

Enable Content Security Policy (CSP) on your Web Server
Content-Security-Policy is the name of an HTTP response header that modern browsers use to enhance the security of the document. The Content-Security-Policy header allows you to restrict how resources such as JavaScript, CSS, or pretty much anything else that the browser loads can be loaded.

CSP is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks.
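
One way to check a policy before deploying it, as an added example that is not part of the original blog: a small Python linter that parses a Content-Security-Policy value and flags settings that weaken its XSS protection. The rule set, the function names and the two sample policies are constructed for illustration.

```python
# Added example (not from the original blog): lint a Content-Security-Policy
# header value. The rules and sample policies are constructed for illustration.

FETCH_DIRECTIVES = ("script-src", "style-src", "object-src")
NO_FALLBACK = ("base-uri", "form-action", "frame-ancestors")  # ignore default-src
BROAD_SOURCES = {"*", "http:", "https:", "data:"}
HASH_OR_NONCE = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")


def parse_csp(header_value):
    """Return {directive: [source expressions]} for one CSP header value."""
    policy = {}
    for part in header_value.split(";"):
        tokens = part.split()
        if tokens:
            # A repeated directive is ignored by browsers: the first one wins.
            policy.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    return policy


def lint_csp(header_value):
    """Return a sorted list of (directive, issue) findings."""
    policy = parse_csp(header_value)
    findings = set()
    if "default-src" not in policy:
        findings.add(("default-src", "missing"))
    for name in NO_FALLBACK:
        if name not in policy:
            findings.add((name, "missing"))
    for name in FETCH_DIRECTIVES:
        # Fetch directives fall back to default-src when absent.
        sources = policy.get(name, policy.get("default-src"))
        if sources is None:
            continue
        pinned = any(s.startswith(HASH_OR_NONCE) for s in sources)
        # CSP Level 2+ browsers ignore 'unsafe-inline' once a nonce or hash is set.
        if "'unsafe-inline'" in sources and not pinned:
            findings.add((name, "unsafe-inline"))
        if "'unsafe-eval'" in sources:
            findings.add((name, "unsafe-eval"))
        if BROAD_SOURCES & set(sources):
            findings.add((name, "broad-source"))
    return sorted(findings)


# Constructed sample policies: one permissive, one restrictive.
WEAK = "default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:"
STRICT = ("default-src 'self'; script-src 'self' 'nonce-r4nd0m' 'unsafe-inline'; "
          "object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'")
```

Running `lint_csp(WEAK)` also reports `style-src` and `object-src` as broad, because both inherit the wildcard from `default-src`.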

Q&A

Please use this thread to ask the related questions.



Kautuk Sahni