Regulation No 442 of the Cabinet of Ministers (Latvia)
Confidentiality is the property, that information is not made available or disclosed to unauthorized individuals, entities, or processes.
Integrity means that data cannot be modified in an unauthorized or undetected manner.
Availability is the property of the information system to be available when it is needed.
Measured against the defined availability times.
CVSS = Common Vulnerability Scoring System
Each vulnerability scored: 0 (huh? meh!) to 10 (SHTF)
+ no publicly known vulnerabilities
- no publicly known vulnerabilities
- requires lots of resources to implement correctly
Remember "MacOS has no viruses"?
"OH MY GAWD WE'RE ALL GONNA DIE DOWN HERE!!11"
of all themes have had vulnerabilities
|Theme||# of vulns|
of all plugins have had vulnerabilities
|Plugin||# of vulns|
Tests are usually carried out according to OWASP ASVS.
V1. Architecture, design and threat modelling V2. Authentication V3. Session management V4. Access control V5. Malicious input handling V7. Cryptography at rest V8. Error handling and logging V9. Data protection V10. Communications V11. HTTP security configuration V13. Malicious controls V15. Business logic V16. File and resources
V17. Mobile V18. Web servicesV19. Configuration
(if time permits)
Just follow these tips and make sure to study the linked material.
define( 'WP_AUTO_UPDATE_CORE', true ); add_filter( 'auto_update_plugin', '__return_true' ); add_filter( 'auto_update_theme', '__return_true' );
define('AUTH_KEY', 'put your unique phrase here'); define('SECURE_AUTH_KEY', 'put your unique phrase here'); define('LOGGED_IN_KEY', 'put your unique phrase here'); define('NONCE_KEY', 'put your unique phrase here');