In today’s world, an online presence is no longer optional for a modern business, but going online also brings many challenges: any loophole in application security can lead to cyber-attacks and ruin an organization’s reputation.
OWASP, the Open Web Application Security Project, is an open-source community dedicated to providing organizations around the world with free, practical resources to support application security.
One of OWASP’s main projects is the OWASP Top 10, which tracks the most critical security risks to web applications in today’s world.
In this post I will summarize them as a quick overview; in future posts I will share how to actually mitigate these risks in the AWS cloud (coming soon).
Security Misconfiguration
Security misconfiguration is probably the most common issue. It can result from insecure default configurations, incomplete setup, open cloud storage, misconfigured HTTP headers, or exposing sensitive data such as PII or PHI in logs.
Preventing security misconfiguration is not a one-time affair; organizations should treat it as a continuous practice: keep an eye on configurations, patch systems, and update the OS and software in a timely fashion.
Injection
Injection used to mean SQL injection, but it is no longer limited to SQL: NoSQL, LDAP, OS command and other injections exist as well. Basically, it is any loophole in application code or logic that allows an attacker to access data without authorization.
Using proper query techniques such as bind variables (parameterized queries), together with firewalls and other configurations, helps avoid injection issues in the application.
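To show what "bind variables" change in practice, here is an added example (not code from the original post) that runs the same lookup twice against a constructed in-memory SQLite table: once with the user's value concatenated into the SQL text, once with a bound parameter.

```python
import sqlite3

def build_db():
    """Constructed sample data: an in-memory SQLite database with a users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        (1, "alice", "hash-a"),
        (2, "bob", "hash-b"),
    ])
    return conn

def find_user_vulnerable(conn, username):
    # The untrusted value is concatenated straight into the SQL text, so the
    # input can change the query's structure instead of being treated as data.
    sql = "SELECT id, username FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()

def find_user_safe(conn, username):
    # Bind variable: the driver sends the value separately from the statement,
    # so whatever the input contains, it can only ever be compared as a username.
    sql = "SELECT id, username FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()

if __name__ == "__main__":
    conn = build_db()
    probe = "' OR '1'='1"  # constructed: the textbook tautology used in testing
    print("vulnerable:", find_user_vulnerable(conn, probe))  # every row
    print("safe:      ", find_user_safe(conn, probe))        # no rows
```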
Cross-Site Scripting (XSS)
Using proper firewalls and configurations, you can avoid XSS issues in your applications.
Broken Authentication
Broken authentication is one of the biggest issues these days. It allows hackers to compromise passwords, IDs, keys, or tokens and gain access to your data.
Using Multi-Factor Authentication (MFA) and other techniques, you can improve the authentication process even if your primary authentication factor is weak.
Sensitive Data Exposure
Many applications do not properly protect sensitive data from being exposed, such as Personally Identifiable Information (PII), Protected Health Information (PHI), financial and other sensitive data. Attackers may steal or modify sensitive information to conduct cyber crimes such as credit fraud, identity theft, and others.
Implementing strong encryption, security, authentication, and authorization controls can protect sensitive data from being unintentionally exposed.
Insufficient Logging and Monitoring
Insufficient logging and monitoring can allow hackers to keep attacking a system without being noticed. Attackers are continuously looking for loopholes in web applications, and any delay in detecting a data breach can be very harmful to an organization.
Implementing logging tools, setting up a baseline analysis, and monitoring continuously can prevent delays in detecting security breaches.
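What "baseline analysis" over logs can look like, as an added example (not code from the original post): a parser for a constructed login-log format plus a detector that alerts when one source exceeds a failure baseline inside a sliding window. The log lines and the 203.0.113.0/24 and 198.51.100.0/24 addresses are constructed placeholders.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not from a real system).
SAMPLE_LOG = """\
2023-05-01T10:00:01Z login FAILED user=alice src=203.0.113.5
2023-05-01T10:00:03Z login FAILED user=bob src=203.0.113.5
2023-05-01T10:00:04Z login FAILED user=carol src=203.0.113.5
2023-05-01T10:00:06Z login FAILED user=dave src=203.0.113.5
2023-05-01T10:00:07Z login FAILED user=erin src=203.0.113.5
2023-05-01T10:00:09Z login FAILED user=frank src=203.0.113.5
2023-05-01T10:01:00Z login OK user=alice src=198.51.100.7
2023-05-01T10:20:00Z login FAILED user=alice src=198.51.100.7
2023-05-01T10:25:00Z login OK user=alice src=198.51.100.7
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) login (?P<result>OK|FAILED) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def parse(log_text):
    """Turn raw lines into (timestamp, result, user, src) tuples; skip malformed lines."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
            events.append((ts, m["result"], m["user"], m["src"]))
    return events

def detect_bruteforce(events, threshold=5, window=timedelta(minutes=1)):
    """Flag a source once it produces >= threshold failures inside a sliding window.
    The baseline here is 'a few failures per source per minute'; tune it per environment."""
    failures = defaultdict(list)
    alerts = set()
    for ts, result, _user, src in sorted(events):
        if result != "FAILED":
            continue
        recent = [t for t in failures[src] if ts - t <= window]
        recent.append(ts)
        failures[src] = recent
        if len(recent) >= threshold:
            alerts.add(src)
    return sorted(alerts)

if __name__ == "__main__":
    print(detect_bruteforce(parse(SAMPLE_LOG)))  # ['203.0.113.5']
```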
Broken Access Control
In many organizations, authenticated users have more access than they require. For example, in the cloud computing world, giving developers administrative access to the account can give attackers an opportunity to damage the infrastructure or applications in case of a security breach.
I once saw a developer upload AWS access keys to GitHub, and within a few hours there were 100+ instances running bitcoin mining on their account.
By applying the principle of least privilege to access controls, we can prevent potential damage to the security of IT systems.
Using Components with Known Vulnerabilities
Most data breaches happen because of vulnerabilities that were left open. Frameworks, libraries, and other modules run with the same privileges as the application, so if a vulnerability in one of them is exploited, attackers can expose sensitive data or take over the system.
By keeping systems up to date with patching and configuration, and enabling logging and monitoring, organizations can control vulnerability issues that could potentially cause a data or security breach.
Insecure Deserialization
Deserialization is the process of restoring a byte stream into the original object.
Insecure deserialization occurs when user-controlled data is deserialized by an application. This potentially enables an attacker to manipulate serialized objects in order to pass harmful data into the application and execute remote code, enabling attacks including replay attacks, injection attacks, and privilege escalation.
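The defensive counterpart, as an added example (not code from the original post): a Python unpickler that refuses to resolve any class or function not on an allow-list, so a stream that merely names a callable is rejected before anything runs. The streams are constructed in the block; the callable referenced is a harmless builtin.

```python
import io
import pickle
from collections import OrderedDict

# Allow-list of (module, name) pairs the application is willing to reconstruct.
# Anything else named in the stream is refused, which is what blocks code references.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}

class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        # Called for every GLOBAL / STACK_GLOBAL opcode in the stream.
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refused to load global {module}.{name}")

def restricted_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()

def try_load(data: bytes):
    """Return (ok, value_or_reason) so callers can log a refusal instead of crashing."""
    try:
        return True, restricted_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)

# Constructed inputs: a plain data object, and a stream that references a function
# by name (a harmless builtin here) to show that the reference itself is refused.
SAFE_STREAM = pickle.dumps(OrderedDict(user="alice", roles=["reader"]))
REFERENCE_STREAM = pickle.dumps(print)

if __name__ == "__main__":
    print(try_load(SAFE_STREAM))       # (True, OrderedDict(...))
    print(try_load(REFERENCE_STREAM))  # (False, 'refused to load global builtins.print')
```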
XML External Entities (XXE)
And the last one from the OWASP Top 10 list is XML External Entities. XXE is a web security vulnerability that allows an attacker to interfere with an application’s processing of XML data. Older or poorly configured systems often let attackers see or access internal files, such as file system contents or server configurations, using the URI handler or other methods.
DataNext Solutions is a US-based system integrator specialized in Cloud, Security, and DevOps technologies. As a registered AWS partner, our services comprise Cloud Migration, Cost Optimization, Integration, Security, Compliance, and Managed Services. Visit our website www.datanextsolutions.com for more info.