Category:Control

This category is a parent category used to track categories of controls (or countermeasure, security mechanisms).

What is a control
Controls are defensive technologies or modules that are used to detect, deter, or deny attacks. Necessary controls in an application should be identified using Threat modeling to ensure that the application is protected against common types of attacks based on the threats it faces. A weakness or design flaw of a control, or the lack of a necessary controls results in a vulnerability that can make the application susceptible to attacks.

Examples of controls

 * Authentication
 * Authorization
 * Session Management
 * Input Validation
 * Error Handling
 * Logging
 * Cryptography