Security Testing Handbook for Banking Applications

Attackers are increasingly focusing their attention on the application layer; visionary banks have responded by proactively testing their entire suite of applications. It is not enough any more to test only the public facing Internet banking application. The ease with which many attacks can be carried out now requires that all applications, including internal applications, be tested. "Security Testing Handbook for Banking Applications" is a specialized guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications. The book is a manual for compliance with current and future regulatory compliance requirements; it may also be seen simply as a practical and comprehensive guide to best practice application security to support every person involved in this field. The authors are all part of a large Application Security team at Paladion; between them they have tested over three hundred banking applications. Within this book the authors share their experiences of using a structured approach to security testing, look at the checklist used for testing, discuss different banking applications and see how these can be tested effectively.