Network Security - Week 2 - Vulnerability Analysis
Vulnerability Analysis - Literature Review Activity
The Open Worldwide Application Security Project (OWASP) is an online community that produces freely available articles, methodologies, documentation, tools, and technologies in the field of web application security. According to OWASP (n.d.), the following are some of the most common web application security risks:
- Broken Access Control - Failures to enforce access policies, which lead to unauthorized information disclosure, modification, or destruction of all data, or to a user performing a business function outside their limits. Access control is only effective in trusted server-side code or a server-less API, where the attacker cannot modify the access control check or metadata. These attacks can be mitigated by implementing access control mechanisms, logging access control failures, and denying access by default.
- Cryptographic Failures - This risk was previously known as Sensitive Data Exposure, which is more of a broad symptom than a root cause; the focus is on failures related to cryptography (or the lack of it), which often lead to exposure of sensitive data. Some of the ways these failures can be mitigated are using up-to-date and established cryptographic functions, algorithms, and protocols, using authenticated encryption instead of plain encryption, disabling caching for responses with sensitive data, and logging all data processed by the application.
- Injection - These attacks cover a broad class of attack vectors. Some popular ones are SQL, XSS, CRLF, and email header injection. In an injection attack, an attacker supplies untrusted input to a program. This input gets processed by an interpreter as part of a command or query, which in turn alters the execution of that program. Injection attacks are amongst the oldest and most dangerous attacks aimed at web applications. They can lead to data theft, data loss, loss of data integrity, denial of service, and full system compromise. The primary reason for injection vulnerabilities is usually insufficient user input validation. Some of the best mitigations against these attacks are applied at the development stage: using prepared statements, properly constructed stored procedures, and allow-list input validation.
- Identification and Authentication Failures - Confirmation of the user’s identity, authentication, and session management are critical to protect against authentication-related attacks. There may be authentication weaknesses if the application permits credential stuffing or weak or well-known passwords, uses weak or ineffective credential recovery and forgot-password processes, has missing or ineffective multi-factor authentication, exposes the session identifier in the URL, and so on.
Although there are many more security risks and procedures against them, for the purpose of this exercise, I have chosen the above. It is also important to note that effective website security requires design effort across the whole of the website. This can be in the web application, the configuration of the web server, your policies for creating and renewing passwords, and the client-side code. While all that sounds very ominous, the good news is that if you’re using a server-side web framework, it will almost certainly enable “by default” robust and well-thought-out defence mechanisms against several of the more common attacks. Other attacks can be mitigated through the web server configuration, for example by enabling HTTPS. Finally, there are publicly available vulnerability scanner tools that can help you find out if you’ve made any obvious mistakes. It is also very important to choose a credible and secure hosting platform, which should have its own security policies and procedures in place.