Forum Discussion
Vijith_182946
Cirrostratus
Just to add some points, i would always sit in the middle of positive and negative security model. In the context of web apps POSITIVE security model is deny all, allow only what is known to be good. NEGATIVE security model allow all, deny only what is known to be bad. As Nathan stated when you go with only one model (signature) you are going to deal with a lots of burden on you !
Nuruddin_Ahmed_
Mar 07, 2016Cirrostratus
Thank you