Web Security
↔ to prevent threats/exploits to Web App
Source: developer.mozilla.org/en
aka websec
CAPTCHA
Challenge-Response test to Auth human intelligence
XSS
Exploit to inject naughty code into Client thru Website
SQL Injection
exploit to execute naughty SQL code on DB - to spoof identity, access/destroy data
DDoS
attack to flood Server with wasteful reqs to disrupt legitimate access, often via Botnet
Browser Fingerprint
various exploits to collect UID info through User Agent or behavior actions
Dangerzone
(process) to convert (potentially unsafe) PDF to raw pixels then back to PDF
ClickJack
exploit to trick user into clicking for unintended action via invisible <iframe>
- common tactic for abusing ads
CSP
Content Security Policy
Digital Certificate
Metadata file about org/entity/location to Sign by CA
Certificate Authority
org to Sign Digital Certificate with Public Key
PKI
Public Key Infrastructure
WOT
Web of Trust