
Chapter 6 DXP Security

Threat Profiling of Fund Management in Banking DXP

The main vulnerabilities in fund management are as follows. We can create security test cases for testing these scenarios:

• Altering the funds balance in the account through SQL injection attacks
• Attempting to transfer funds from other users' accounts
• Changing profile details of other users
• Viewing account details of other users

DXP Security Checklists

In this section we have defined the checklists for various categories. The checklists can be used during security code review and during security testing.

DXP Architecture and Design Phases Security Checklist

• Ensure that security validations are done at the client side, the server side, and all integration layers.
• While using third-party libraries, check for any known security vulnerabilities.
• Identify all the sensitive data and categorize the data based on its sensitivity. Clearly define the security policies for each of the categories.
• Enforce continuous and iterative security testing at all SDLC stages.
• Define a robust cryptography and encryption process. Prefer strong encryption algorithms such as SHA 256 bit for encryption and use one-way hash algorithms for encrypting sensitive data.
• Establish a secure transport layer for all sensitive transactions.
• Perform detailed threat profiling for the DXP application and define the security test cases for it.

196
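The following is an added example, not code from the book or from any DXP product: a minimal fund-transfer service that closes the first two threats listed above (balance tampering through SQL injection, and transfers from or views of another user's account) by binding every query parameter and checking account ownership on the server side. The table layout, user ids and balances are constructed sample data; the functions double as the security test cases the section asks for.

```python
import sqlite3

def make_db():
    """Constructed in-memory sample data: two users, one account each."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner_id INTEGER, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?, ?)", [(1, 100, 500), (2, 200, 50)])
    return db

class Forbidden(Exception):
    """Raised when the caller does not own the account they act on."""

def _owned_account(db, actor_id, account_id):
    # Ownership is enforced in SQL with bound parameters, so neither the
    # account id nor the actor id can change the query's structure.
    row = db.execute("SELECT id, balance FROM accounts WHERE id = ? AND owner_id = ?",
                     (account_id, actor_id)).fetchone()
    if row is None:
        raise Forbidden(f"user {actor_id} does not own account {account_id}")
    return row

def view_account(db, actor_id, account_id):
    """Only the owner may read an account's details."""
    acct_id, balance = _owned_account(db, actor_id, account_id)
    return {"id": acct_id, "balance": balance}

def transfer(db, actor_id, from_acct, to_acct, amount):
    """Move funds; the source must belong to the caller and cover the amount."""
    if not isinstance(amount, int) or amount <= 0:
        raise ValueError("amount must be a positive integer")
    _, balance = _owned_account(db, actor_id, from_acct)  # blocks transfers from others' accounts
    if balance < amount:
        raise ValueError("insufficient funds")
    with db:  # one transaction: both updates commit, or neither does
        db.execute("UPDATE accounts SET balance = balance - ? WHERE id = ?", (amount, from_acct))
        credited = db.execute("UPDATE accounts SET balance = balance + ? WHERE id = ?",
                              (amount, to_acct)).rowcount
        if credited != 1:
            raise ValueError("destination account does not exist")  # rolls back the debit
    return view_account(db, actor_id, from_acct)["balance"]
```

Each rejected call (cross-user transfer, injected account id, missing destination) is one security test case for the threats listed above, and the owning user's balance is unchanged after every rejection.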

Building Digital Experience Platforms - Page 211