【從評估檢測必要性到事後風險評估的流程全解密】樂天市場揭露產品資安檢測方法
支付動態 · 2024-07-12
制度化檢測需求及流程細節,注重開發與資安團隊間的溝通
特色1 樂天產品檢查以請求為單位,而非以URL或IP為單位。例如,這個簡單的登入頁面就有高達8個請求,需要各自做一輪資安檢查。攝影/郭又華
特色2 提交檢查需求時,開發團隊需要給資安團隊詳細的產品資訊,包括HTTP請求方法HTTP Method、目標URL,以及各種其他細項參數。攝影/郭又華
特色3 進行資安檢測時,樂天資安工程師會拿到一份詳細的檢查表,以Web產品來說,會有超過100個項目。工程師測試完,還須在檢查表上逐一標註完成。攝影/郭又華
特色4 開發團隊評估漏洞無法在產品上線前修補時,便須由開發和資安團隊主管共同決定是否承擔此風險,並擬定長短期應對計畫。CVSS分數越高,所需簽核主管等級越高。攝影/郭又華
Popular articles
Indiana online casino bill stalls in House committee
Regulation
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
1spin4win releases unique slot Don Catleone Hold and Win featuring gangster cats
Online Game
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
Kazakhstan plans to penalise online casino promotions
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
