diff --git a/app/views/layouts/tutorial/_sidebar.html.erb b/app/views/layouts/tutorial/_sidebar.html.erb index 5eb1d72..241339c 100755 --- a/app/views/layouts/tutorial/_sidebar.html.erb +++ b/app/views/layouts/tutorial/_sidebar.html.erb @@ -49,8 +49,8 @@ A5 Misconfig <% end %> -
  • - <%= link_to "#" do %> +
  • + <%= link_to exposure_tutorials_path do %>
    diff --git a/app/views/layouts/tutorial/crypto/_password_hashing.html.erb b/app/views/layouts/tutorial/exposure/_password_hashing.html.erb similarity index 98% rename from app/views/layouts/tutorial/crypto/_password_hashing.html.erb rename to app/views/layouts/tutorial/exposure/_password_hashing.html.erb index 1a9394e..a328e47 100755 --- a/app/views/layouts/tutorial/crypto/_password_hashing.html.erb +++ b/app/views/layouts/tutorial/exposure/_password_hashing.html.erb @@ -1,7 +1,7 @@
    - A7 - Insecure Cryptographic Storage - Password Storage + A6 - Sensitive Data Exposure - Insecure Password Storage
    diff --git a/app/views/layouts/tutorial/crypto/_ssn.html.erb b/app/views/layouts/tutorial/exposure/_ssn.html.erb similarity index 95% rename from app/views/layouts/tutorial/crypto/_ssn.html.erb rename to app/views/layouts/tutorial/exposure/_ssn.html.erb index 725d54f..1718b97 100644 --- a/app/views/layouts/tutorial/crypto/_ssn.html.erb +++ b/app/views/layouts/tutorial/exposure/_ssn.html.erb @@ -1,7 +1,7 @@
    - A7 - Insecure Cryptographic Storage - Clear-text storage of SSN(s) + A6 - Sensitive Data Exposure - Clear-text storage of SSN(s)
    @@ -62,7 +62,7 @@
    -

    Password Storage - SOLUTION

    +

    SSN Storage - SOLUTION

    There is a lot of guidance on adequately protecting sensitive data at rest and using a layered defensive approach. Make no mistake, this should not be your sole means of securing sensitive data. That being said, there are at least four precautions that should be taken.

  • The sensitive data is encrypted everywhere, including backups
  • @@ -92,7 +92,7 @@
    - How protected are those passwords in the database against cracking? + My SSN seems pretty important, hope it's kept safe!
    diff --git a/app/views/tutorials/crypto.html.erb b/app/views/tutorials/exposure.html.erb similarity index 65% rename from app/views/tutorials/crypto.html.erb rename to app/views/tutorials/exposure.html.erb index 7bd24af..3e99af5 100755 --- a/app/views/tutorials/crypto.html.erb +++ b/app/views/tutorials/exposure.html.erb @@ -2,22 +2,22 @@
    - <%= render :partial => "layouts/tutorial/crypto/password_hashing" %> + <%= render :partial => "layouts/tutorial/exposure/password_hashing" %>
    - +
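Review bot: No route or controller change accompanies the new `exposure_tutorials_path` link in the `_sidebar.html.erb` hunk or the rename of `tutorials/crypto.html.erb` to `tutorials/exposure.html.erb`. If the route and action are not added elsewhere in this commit, the sidebar will raise on render. Please confirm the routes file defines the exposure tutorial route and that the controller has a matching action. Also search the app for any remaining references to the old crypto path or to `layouts/tutorial/crypto/...` partials, since those files no longer exist after this rename.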
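Review bot: Only the title lines change in `_password_hashing.html.erb` (similarity 98%) and `_ssn.html.erb` (similarity 95%), so most of the body text is carried over from the "A7 - Insecure Cryptographic Storage" version. Check the unchanged body of both partials for leftover mentions of A7 or "Insecure Cryptographic Storage" so the lesson text agrees with the new "A6 - Sensitive Data Exposure" headings. The `@@ -62,7 +62,7 @@` hunk in `_ssn.html.erb` corrects a copied "Password Storage - SOLUTION" heading, which suggests other copied password wording may remain in that file.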
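Review bot: File mode 100755 is kept on `_sidebar.html.erb`, `_password_hashing.html.erb` and `exposure.html.erb`, while `_ssn.html.erb` is 100644. ERB templates do not need the execute bit. Since these files are being touched and renamed anyway, consider normalising them to 100644 so the view directory has consistent permissions.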