| Application Layer Attacks | Countermeasures |
| --- | --- |
| Malware Attacks | Network Security Tools, Anti-Malware Software, Firewall, SSL/TLS Certification |
| SQL Injections | Prepared Statements with Parameterized Queries, Stored Procedures, Allow-list Input Validation, Principle of Least Privilege |
| Cross-site Scripting (XSS) | Filter input on arrival, encode data on output, use appropriate response headers |
| Directory Traversal Attack | Validate user input before processing |
| Phishing | End-User Training, Phishing Filters |
| Email Spoofing | Email Authentication |
| Password Sniffing | Encryption, VPN |