Table of Contents

• Title and Copyright Information
• 1 Preface
  • 1.1 Purpose
  • 1.2 Audience
  • 1.3 Documentation Accessibility
  • 1.4 Conventions
  • 1.5 Critical Patches
  • 1.6 Diversity and Inclusion
  • 1.7 Basic Actions
  • 1.8 Screenshot Disclaimer
• 2 Scope
• 3 How to address the OWASP Top10 in FLEXCUBE UBS
  • 3.1 Cross-Site Scripting (XSS)
  • 3.2 Insecure Direct Object References
  • 3.3 Security Misconfiguration
  • 3.4 Sensitive Data Exposure
  • 3.5 Missing Function Level Access Control
  • 3.6 Cross-Site Request Forgery (CSRF)
  • 3.7 Use Components with Known Vulnerabilities
  • 3.8 Unvalidated Redirects and Forwards Network Security
• 4 Secure Gateway Services