Hi SDP Support,
We are a potential customer for SDP Software. Could you please help answer the questions below, as they are concerns for our security team?
Session Management
1. Is the session token tied in some way to a specific HTTP client instance (individual session ID/cookie and IP address) in order to prevent attacks in the form of session hijacking, replay attacks or automated script attacks?
2. Can SDP generate a new session after a successful login or any re-authentication?
3. Is the identity on the client, such as the cookie, deleted after the session is closed, either by the user logging out or when the idle time limit is reached?
Injection/XSS
4. Can SDP perform validation at the server side to sanitize query parameters, i.e. a query parameter with potentially malicious input?
5. Can SDP perform validation at the server side against every piece of user-input data to check whether potentially malicious scripts/characters are submitted?
6. Can SDP transform special characters displayed on the webpage into HTML entities to prevent potentially malicious scripts from being executed, e.g. <script> must be encoded to &lt;script&gt;?
Upload File
7. Can SDP limit uploaded files to specific formats?
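The following is an added illustration of what a "yes" to questions 1 to 3 looks like in code; it is not from the original post and is not SDP's own implementation. It assumes an opaque server-side session store, a 15-minute idle timeout as a placeholder policy value, and a placeholder cookie name `SESSIONID` rather than SDP's actual cookie. The `now` arguments exist only so the idle clock can be driven deterministically.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class Session:
    user: str
    client_fp: str    # hash of the client attributes the token is bound to
    last_seen: float  # clock value of the last accepted request


class SessionStore:
    """Server-side session store. The cookie only carries an opaque random id;
    all state, including the client binding and the idle clock, lives here."""

    def __init__(self, idle_timeout: float = 15 * 60):
        self.idle_timeout = idle_timeout  # seconds; assumed policy value
        self._sessions: dict[str, Session] = {}

    @staticmethod
    def fingerprint(ip: str, user_agent: str) -> str:
        # Question 1: bind the token to the client. Caveat: binding to the IP
        # breaks users behind NAT or on mobile networks; many products bind to
        # the User-Agent (or the TLS channel) only and rely on rotation/expiry.
        return hashlib.sha256(f"{ip}|{user_agent}".encode()).hexdigest()

    def login(self, user, ip, user_agent, old_sid=None, now=None) -> str:
        # Question 2: issue a fresh id on every login and discard any id the
        # client held before authenticating, so a fixated id never becomes
        # an authenticated one.
        if old_sid is not None:
            self._sessions.pop(old_sid, None)
        sid = secrets.token_urlsafe(32)          # 256 bits of CSPRNG entropy
        self._sessions[sid] = Session(user, self.fingerprint(ip, user_agent),
                                      time.monotonic() if now is None else now)
        return sid

    def validate(self, sid, ip, user_agent, now=None):
        """Return the user for a valid request, or None (and drop the session)."""
        now = time.monotonic() if now is None else now
        s = self._sessions.get(sid)
        if s is None:
            return None
        if now - s.last_seen > self.idle_timeout:
            self._sessions.pop(sid)              # Question 3: idle expiry
            return None
        if not hmac.compare_digest(s.client_fp, self.fingerprint(ip, user_agent)):
            self._sessions.pop(sid)              # Question 1: token replayed from elsewhere
            return None
        s.last_seen = now
        return s.user

    def logout(self, sid) -> bool:
        # Question 3: invalidate server-side; clearing the cookie alone leaves
        # a copied token usable until it idles out.
        return self._sessions.pop(sid, None) is not None


def logout_cookie_header(name: str = "SESSIONID") -> str:
    # Question 3, client side: a Set-Cookie that makes the browser drop the
    # cookie. The cookie name is a placeholder, not SDP's actual cookie name.
    return f"Set-Cookie: {name}=; Max-Age=0; Path=/; Secure; HttpOnly; SameSite=Lax"
```

When evaluating a vendor's answer to question 1, note the trade-off the `fingerprint` comment describes: strict IP binding is the strongest answer to the question as asked, but it is also the one most often relaxed in practice, so ask which attributes the binding actually covers.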
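A second added illustration, again not from the original post and not SDP's code, covering questions 4 to 7: server-side allow-list validation of a parameter, entity encoding of output (the `<script>` to `&lt;script&gt;` transformation of question 6), and an upload check that looks at the file signature as well as the extension. The ticket-id format, the allowed upload types and the sample inputs are all constructed for the example.

```python
import html
import re


def encode_for_html(value: str) -> str:
    # Question 6: output encoding. quote=True also turns " and ' into entities,
    # which matters when the value lands inside an attribute.
    return html.escape(value, quote=True)


def render_comment(author: str, text: str) -> str:
    # Both interpolation points are encoded, and the attribute is quoted:
    # entity encoding alone does not rescue an unquoted attribute, where a
    # plain space is enough to start a new attribute.
    return (f'<p data-author="{encode_for_html(author)}">'
            f'{encode_for_html(text)}</p>')


# Questions 4/5: server-side validation as an allow-list on the expected
# shape, applied to every parameter, rather than a search for "bad" characters.
TICKET_ID = re.compile(r"[0-9]{1,10}")  # constructed format for the example


def parse_ticket_id(raw: str) -> int:
    if TICKET_ID.fullmatch(raw) is None:
        raise ValueError(f"rejected ticket id: {raw!r}")
    return int(raw)


# Question 7: restrict uploads by extension *and* by file signature, because
# the extension and the Content-Type header are both chosen by the uploader.
ALLOWED_TYPES = {            # extension -> accepted leading magic bytes
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "pdf": (b"%PDF-",),
}


def check_upload(filename: str, content: bytes) -> tuple[bool, str]:
    """Return (accepted, reason). Only the last extension is considered, so
    'shell.php.png' is judged as PNG and then fails the signature check."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    signatures = ALLOWED_TYPES.get(ext)
    if signatures is None:
        return False, "extension not allowed"
    if not any(content.startswith(sig) for sig in signatures):
        return False, "content does not match declared type"
    return True, ext
```

The distinction worth pressing a vendor on is between questions 4/5 and question 6: input validation rejects what does not fit the expected shape, while output encoding is what actually stops a `<script>` tag that legitimately had to be stored (for example in a ticket description) from executing when it is displayed.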