WEB-11
Output Encoding
Description
Mechanisms exist to ensure output encoding is performed on all content produced by a web application to reduce the likelihood of cross-site scripting and other injection attacks.
Control Question
Does the organization ensure output encoding is performed on all content produced by a web application to reduce the likelihood of cross-site scripting and other injection attacks?
Control Metadata
Domain: Web Security
Validation Cadence: Annual
