
5 Most Common Web Security Vulnerabilities

Vulnerability management solutions help sanitise application inputs and outputs, and adopting certain coding practices can protect applications against most vulnerabilities and strengthen your vulnerability management.
Website: https://www.fncyber.com/vulnerability-management

fncyber

Presentation Transcript


  1. 5 Most Common Web Security Vulnerabilities

  2. Vulnerability management solutions help sanitise application inputs and outputs, and adopting certain coding practices can protect applications against most vulnerabilities and strengthen your vulnerability management. However, this is not enough. Web applications are constantly evolving, and security testing must be incorporated into every stage of the development lifecycle to identify and fix vulnerable code early on.

  3. SQL Injection: It occurs when attackers use malicious SQL code to manipulate backend databases. The result can include unauthorised data listing, dropping (deletion) of tables, and unauthorised administrative access.

  4. Cross-Site Scripting (XSS): It is an attack targeting users of an application. It can be used to access user accounts, attack their data to inject Trojans, change page content to deceive users, or deface a website. A more dangerous variant is stored XSS, in which malicious code is injected persistently into the application to distort your data. Reflected XSS occurs when malicious scripts are reflected from the application to the user's browser. Attackers can use JavaScript through XSS vulnerabilities to access a user's webcam, location, and other sensitive data and functions.

  5. Broken Authentication: Authentication helps apps identify and validate users. If authentication breaks, attackers can gain access with the same permissions as the targeted user, creating severe web app vulnerabilities. Authentication issues can give an attacker access to your sensitive data and wreak havoc on your web application.

  6. Cross-Site Request Forgery (CSRF): It is an attack that can lead to unwanted transfers of funds, password changes, or data theft. It involves an attacker leveraging a user's open session, causing the user's browser to unknowingly perform actions on a site the user is logged into. CSRF uses social engineering to trick authenticated users into, for example, clicking a link, and so takes control of their sessions. Because the attacker is acting through established sessions, this can lead to unwanted changes to the state of an app or to data theft.

  7. Security Misconfiguration: In this vulnerability, web applications are misconfigured, leaving an array of vulnerabilities for attackers to capitalise on. Security misconfiguration vulnerabilities include various issues such as unpatched flaws, unused pages, unprotected files or directories, outdated software, and running software in debug mode.

  8. THANK YOU
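
The input and output handling that slides 2 to 4 refer to, shown as a vulnerable form beside a hardened form. This is an added example, not part of the original presentation; the table, function names and sample values are constructed for illustration.

```python
import html
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, bio TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [
        ("alice", "Likes hiking"),
        ("bob", "<script>alert(1)</script>"),  # constructed stored-XSS value
    ])
    return db

def find_user_unsafe(db, name):
    # Vulnerable: input is concatenated into the SQL text, so quotes in
    # `name` change the structure of the query.
    query = "SELECT name, bio FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def find_user_safe(db, name):
    # Hardened: the ? placeholder sends `name` as data, never as SQL.
    return db.execute(
        "SELECT name, bio FROM users WHERE name = ?", (name,)
    ).fetchall()

def render_bio_unsafe(bio):
    # Vulnerable: stored markup reaches the browser as markup.
    return "<p>" + bio + "</p>"

def render_bio_safe(bio):
    # Hardened: HTML-encode on output so the browser shows it as text.
    return "<p>" + html.escape(bio) + "</p>"

if __name__ == "__main__":
    db = make_db()
    probe = "nobody' OR '1'='1"  # constructed test input
    print("unsafe query rows:", len(find_user_unsafe(db, probe)))
    print("safe query rows:  ", len(find_user_safe(db, probe)))
    bio = find_user_safe(db, "bob")[0][1]
    print(render_bio_unsafe(bio))
    print(render_bio_safe(bio))
```

The unsafe lookup returns every row for the probe input (the "unauthorised data listing" of slide 3), while the parameterised lookup returns none; the escaped rendering turns the stored script into inert text.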
