5 Most Common Web Security Vulnerabilities - PowerPoint PPT Presentation

About This Presentation
Description:

Vulnerability management solutions help sanitise application inputs and outputs, and adopting certain coding practices can protect applications against most vulnerabilities and strengthen your vulnerability management.

Slides: 9
Provided by: katherinewilliams

Transcript and Presenter's Notes

1
5 Most Common Web Security Vulnerabilities

2
  • Vulnerability management solutions help sanitise
    application inputs and outputs, and adopting
    certain coding practices can protect applications
    against most vulnerabilities and strengthen your
    vulnerability management. However, this is not
    enough. Web applications are constantly
    developing, and security testing must be
    incorporated into every stage of the development
    lifecycle to identify and fix vulnerable code
    early on.

3
SQL Injection
  • It occurs when attackers use malicious SQL code
    to manipulate backend databases. The result can
    include unauthorised data listing, dropping
    (deletion) of tables, and unauthorised
    administrative access.

4
Cross-Site Scripting (XSS)
  • It is an attack targeting the users of an
    application. It can be used to access user
    accounts, attack their data, inject Trojans,
    change page content to deceive users, or deface a
    website. A more dangerous variant is stored XSS,
    where malicious code is injected persistently
    into the application and can distort your data.
    Reflected XSS occurs when malicious scripts are
    reflected from the application to the user's
    browser. Attackers can use JavaScript delivered
    through XSS vulnerabilities to access a user's
    webcam, location, and other sensitive data and
    functions.

5
Broken Authentication
  • Authentication helps apps identify and validate
    users. If authentication is broken, attackers can
    gain access with the same permissions as the
    targeted user, creating severe web app
    vulnerabilities. Authentication issues can give
    an attacker access to your sensitive data and
    let them wreak havoc on your web application.

6
Cross-Site Request Forgery (CSRF)
  • It is an attack that can lead to unwanted
    transfers of funds, password changes, or data
    theft. It involves an attacker leveraging a
    user's open session, causing the user's browser
    to unknowingly perform actions on a site the user
    is logged into. CSRF uses social engineering to
    trick authenticated users into, for example,
    clicking a link, and so takes control of their
    sessions. Because the attacker is acting through
    an established session, this can lead to unwanted
    changes to the state of an app or data theft.
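
One common mitigation for the forged-request problem described on this slide, shown as an added example that is not part of the original presentation: a per-session anti-CSRF token that a cross-site request carrying only the session cookie cannot supply. The function names, the `csrf_token` field name and the sample session IDs are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Server-side secret. Generated per process here (assumption for the demo);
# a real deployment would load a stable key from its secret store.
SERVER_KEY = secrets.token_bytes(32)

# HTTP methods that are allowed to change application state.
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def _sign(session_id: str, nonce: str) -> str:
    """HMAC over session ID and nonce, so a token only verifies for its own session."""
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Create a token to embed in forms served to this session's user."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_sign(session_id, nonce)}"


def csrf_token_valid(session_id: str, token: str) -> bool:
    """True only if this server issued the token for this exact session."""
    nonce, sep, sig = (token or "").partition(".")
    if not sep or not nonce or not sig:
        return False  # missing or malformed token
    expected = _sign(session_id, nonce)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(sig.encode(), expected.encode())


def allow_request(method: str, session_id: str, form: dict) -> bool:
    """Gate for a request that already arrived with a valid session cookie."""
    if method.upper() not in STATE_CHANGING:
        return True  # safe methods must never change state
    return csrf_token_valid(session_id, form.get("csrf_token", ""))


if __name__ == "__main__":
    sid = "session-A-constructed"  # constructed sample session ID
    token = issue_csrf_token(sid)
    # Legitimate form post: cookie plus the token the server put in the form.
    print(allow_request("POST", sid, {"csrf_token": token, "amount": "10"}))
    # Cross-site forged post: browser attaches the cookie, but there is no token.
    print(allow_request("POST", sid, {"amount": "10"}))
```

The browser attaches the session cookie automatically, but the token lives only in pages the site itself served, so a request triggered from another site fails the check.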

7
Security Misconfiguration
  • In this vulnerability, web applications are
    misconfigured, leaving an array of
    vulnerabilities for attackers to capitalise on.
    Security misconfiguration vulnerabilities cover a
    range of issues, including unpatched flaws,
    unused pages, unprotected files or directories,
    outdated software, and running software in debug
    mode.

8
THANK YOU



