Secure Cookies

Cookies are small pieces of data stored on a computer by a web browser while accessing a website.

Cookies maintain session states, remember user preferences, and track user behavior (!) and other settings. They are highly exploitable if not properly secured, leading to session hijacking or cross-site scripting. Developers should mark all their needed cookies with the 'Secure' attribute to force them to use HTTPS. They should use the 'HttpOnly' attribute to prevent client-side scripts from accessing the cookie's data. And they should use the 'SameSite' attribute to protect against XSS forging attempts.

Sophisticated Attacks

Proliferation of Attack Software

Attack Scale and Velocity

Threat Actors

General Attack Strategies

General Defense Strategies

Attack Surfaces

Social Engineering

Malware

Overview of Cryptography

Asymmetric Encryption

Stream Ciphers

Block Ciphers

Blockchain

Cryptographic Attacks

GNU Privacy Guard

Smart Card Authentication

Linux Group Commands

Network Federation

NAC Agents

NAC Process

Implementing Switch Security

Physical Security

Reconnaissance

Vulnerability Types

Vulnerability Scanning

Security Information Events Manager

Data Loss Prevention

Wireless Access Methods

Web App Attacks

Waterfall Development Life Cycle

Agile Software Development Model

Software Sandboxing

Static Code Analysis

Secure Coding Techniques

Code Signing

Secure Cookies

Securing Embedded Systems

Email Security

Governance and Accountability

Data Governance Roles

Third Party Vendors

Rules of Engagement

Vendor Assessment

Secure Cookies

Cookies are small pieces of data stored on a computer by a web browser while accessing a website.