Top Common Application Security Risks

Zeeshan Baig

In today’s world, an online presence is a necessity for any modern business. Going online also brings many challenges: any loophole in application security can lead to cyber-attacks and ruin an organization’s reputation.

OWASP (the Open Web Application Security Project) is an open-source community dedicated to providing organizations around the world with free, practical resources to support application security.

One of OWASP’s main projects, the OWASP Top 10, tracks the most critical application security risks that exist in today’s world.

In this post, I will summarize them in a quick overview. In future posts, I will share how to actually mitigate these risks in the AWS cloud (coming soon).

Security Misconfiguration

This is probably the most common issue. It results from insecure default configurations, incomplete setup, open cloud storage, misconfigured HTTP headers, or exposing sensitive data such as PII or PHI in logs.

To prevent security misconfiguration, organizations should not treat it as a one-time affair. It is a continuous practice: keeping an eye on configurations, patching systems, and updating the OS and software in a timely fashion.
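The misconfigured HTTP headers mentioned above are one of the easiest items to check continuously. As an added example (not code from the original post), the script below audits one response's headers for the standard security headers a default installation usually lacks, and for headers that advertise the server stack. The header names and expected values are standard; the two sample responses are constructed.

```python
# Added example, not code from the original post: a check for the security
# response headers that a misconfigured web server commonly leaves out.
# The header names and expected values are standard; the two sample responses
# below are constructed for the example.

REQUIRED_HEADERS = {
    # header name -> predicate that decides whether its value is acceptable
    "Strict-Transport-Security": lambda v: "max-age=" in v.lower(),
    "Content-Security-Policy": lambda v: bool(v.strip()),
    "X-Content-Type-Options": lambda v: v.strip().lower() == "nosniff",
    "X-Frame-Options": lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN"),
}

# Headers that advertise the server stack and are better removed.
LEAKY_HEADERS = ("Server", "X-Powered-By")


def audit_headers(headers: dict) -> list:
    """Return a list of findings for one HTTP response's headers (empty = fine)."""
    # Header names are case-insensitive, so compare on a lower-cased copy.
    lower = {name.lower(): value for name, value in headers.items()}
    findings = []
    for name, acceptable in REQUIRED_HEADERS.items():
        value = lower.get(name.lower())
        if value is None:
            findings.append(f"missing {name}")
        elif not acceptable(value):
            findings.append(f"weak {name}: {value!r}")
    for name in LEAKY_HEADERS:
        if name.lower() in lower:
            findings.append(f"remove {name}: {lower[name.lower()]!r}")
    return findings


# Constructed sample: the headers a default, untouched installation might send.
MISCONFIGURED = {
    "Server": "ExampleHTTPd/1.0",
    "X-Powered-By": "ExampleRuntime/2.0",
    "X-Frame-Options": "ALLOWALL",
}

# Constructed sample: the same response after the configuration was fixed.
HARDENED = {
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "DENY",
}

if __name__ == "__main__":
    for finding in audit_headers(MISCONFIGURED):
        print("misconfigured:", finding)
    print("hardened:", audit_headers(HARDENED) or "no findings")
```

Run it against the headers a real deployment returns (for example, from a scheduled job that fetches the login page) and the list of findings becomes the drift report the continuous practice above needs.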

Injection

Injection used to mean SQL injection, but it is no longer limited to SQL: NoSQL, LDAP, OS command, and other injections exist as well. Basically, it is any loophole in the application code or logic that allows a hacker to access data without authorization.

Using proper query techniques such as bind variables, firewalls, and other configurations can help avoid injection issues in the application.
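The bind-variable technique is easiest to see side by side with the flaw it fixes. As an added example (not code from the original post), the script below runs the same user lookup with string concatenation and with a bind variable against a small table constructed in memory with the standard library's sqlite3 module.

```python
import sqlite3

# Added example, not code from the original post: the same user lookup written
# with string concatenation and with a bind variable. The table and its rows are
# constructed in memory so the script runs offline.


def setup_db() -> sqlite3.Connection:
    """Create a small in-memory users table with two constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def find_user_unsafe(conn: sqlite3.Connection, name: str) -> list:
    # Vulnerable: the input is pasted into the SQL text, so a quote inside
    # `name` ends the string literal and the rest is parsed as SQL.
    sql = f"SELECT name, email FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn: sqlite3.Connection, name: str) -> list:
    # Bind variable: the driver passes `name` to the engine as data, so the
    # query structure is fixed no matter what the string contains.
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


if __name__ == "__main__":
    conn = setup_db()
    crafted = "x' OR '1'='1"
    print(find_user_unsafe(conn, crafted))  # both rows: the WHERE clause became always true
    print(find_user_safe(conn, crafted))    # []: nobody is literally named x' OR '1'='1
    print(find_user_safe(conn, "alice"))    # [('alice', 'alice@example.com')]
```

The safe version needs no escaping logic of its own, which is the point: the database driver keeps data and query text apart, so the same code is correct for every input. The same placeholder style works for NoSQL and LDAP client libraries that offer parameterized queries.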

Cross-Site Scripting (XSS)

XSS is essentially injection into a web page. It occurs whenever an application includes untrusted data in a web page without proper validation. XSS allows hackers to alter an existing page by injecting their own HTML or JavaScript code into the application, which could hijack user sessions, deface the website, or redirect users to malicious sites.

Using proper firewalls and configurations can help avoid XSS issues in your applications.
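At the code level, the control that complements firewalls and configuration is output encoding of untrusted data before it is placed in the page. As an added example (not code from the original post), the script below renders one stored comment with and without encoding; the template and the comment text are constructed.

```python
import html

# Added example, not code from the original post: one comment rendered into a
# page with and without output encoding. The template and the comment text are
# constructed for the example.

TEMPLATE = "<p>Comment: {comment}</p>"


def render_unsafe(comment: str) -> str:
    # Vulnerable: untrusted text is placed into the HTML as-is, so any tags it
    # contains become part of the page and the browser executes them.
    return TEMPLATE.format(comment=comment)


def render_safe(comment: str) -> str:
    # Output encoding: <, >, &, " and ' become entities, so the browser shows
    # the comment as text instead of interpreting it as markup.
    return TEMPLATE.format(comment=html.escape(comment, quote=True))


def has_script_tag(page: str) -> bool:
    """Crude marker used only to show which rendering introduced active content."""
    return "<script" in page.lower()


# Constructed sample: a comment carrying markup, as stored in the database.
COMMENT = "Nice post <script>alert('xss')</script>"

if __name__ == "__main__":
    print(render_unsafe(COMMENT))  # the script tag survives intact
    print(render_safe(COMMENT))    # &lt;script&gt;... shown as plain text
```

Encoding has to match the context the data lands in: html.escape is right for element text and quoted attribute values, while data placed inside a script block or a URL needs the encoding for that context instead. Templating engines that auto-escape do this step by default; the example makes the step visible.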

Broken Authentication

Broken authentication is one of the biggest issues these days. It allows hackers to compromise passwords, IDs, keys, or tokens and gain access to your data.

Using multi-factor authentication (MFA) and other techniques can strengthen the authentication process, even if your primary authentication method is weak.
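The most common second factor is a time-based one-time password from an authenticator app. As an added example (not code from the original post), the script below implements HOTP (RFC 4226) and TOTP (RFC 6238) verification with the standard library only; the secret used in the demo is the published test secret from those RFCs, not a production key.

```python
import hashlib
import hmac
import struct
import time

# Added example, not code from the original post: a second authentication
# factor implemented as time-based one-time passwords (HOTP, RFC 4226, and
# TOTP, RFC 6238). The secret used in the demo is the test secret from those
# RFCs, not a production key.


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-SHA1 one-time password for a counter value (RFC 4226)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                    # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """TOTP for Unix time `at`: the counter is the number of elapsed time steps."""
    return hotp(secret, at // step, digits)


def verify_totp(secret: bytes, code: str, at: int, step: int = 30, window: int = 1) -> bool:
    """Accept codes from the current step and `window` steps either side (clock drift)."""
    counter = at // step
    for candidate in range(counter - window, counter + window + 1):
        # compare_digest avoids leaking which digits matched through timing
        if hmac.compare_digest(hotp(secret, candidate), code):
            return True
    return False


# Shared secret from the RFC 4226 / RFC 6238 test vectors (demo only).
RFC_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    print(totp(RFC_SECRET, 59))                      # 287082 (RFC 6238 vector)
    print(verify_totp(RFC_SECRET, "287082", 59))     # True
    print(verify_totp(RFC_SECRET, "287082", 119))    # False: two steps later
    print(totp(RFC_SECRET, int(time.time())))        # the code valid right now
```

verify_totp is the second step after the primary password check succeeds. The one-step window tolerates clock drift between the server and the user's device; a production deployment would also store the last accepted counter per user so that the same code cannot be replayed inside that window, and would keep the per-user secret encrypted at rest.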

Data Exposure

Many applications do not properly protect sensitive data from being exposed, such as Personally Identifiable Information (PII), Protected Health Information (PHI), financial data, and other sensitive data. Attackers may steal or modify sensitive information to commit cyber crimes such as credit fraud, identity theft, and others.

Implementing strong encryption, security, authentication, and authorization controls could protect sensitive data from being unintentionally exposed.
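One unintentional exposure path the Security Misconfiguration section already named is PII written into logs. As an added example (not code from the original post), the script below attaches a redaction filter to a Python logger so that e-mail addresses, card numbers, and US SSNs are masked before any handler writes them; the patterns are deliberately simple and the log messages are constructed.

```python
import io
import logging
import re

# Added example, not code from the original post: a logging filter that masks
# PII before a record reaches any log handler, so an e-mail address, card
# number or US SSN written by application code never lands in the log files.
# The patterns are deliberately simple and the log messages are constructed.

EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
# 13 to 16 digits, optionally separated by single spaces or dashes
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,15}\b")


def redact(text: str) -> str:
    """Replace recognised PII with placeholders; SSN runs before the card pattern."""
    text = EMAIL_RE.sub("[EMAIL]", text)
    text = SSN_RE.sub("[SSN]", text)
    text = CARD_RE.sub("[CARD]", text)
    return text


class RedactingFilter(logging.Filter):
    """Format the record once, redact the result, and drop the raw arguments."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = ()          # the unredacted values must not be formatted again
        return True


def build_logger(stream) -> logging.Logger:
    """Logger writing to `stream` with the redaction filter attached to its handler."""
    logger = logging.getLogger("example.payments")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    handler.addFilter(RedactingFilter())
    logger.addHandler(handler)
    return logger


def log_and_capture(message: str, *args) -> str:
    """Log one message through the redacting logger and return what was written."""
    buffer = io.StringIO()
    build_logger(buffer).info(message, *args)
    return buffer.getvalue().strip()


if __name__ == "__main__":
    # Constructed sample: the kind of debug line that leaks PII into logs.
    print(log_and_capture("refund for %s card %s ssn %s",
                          "alice@example.com", "4111 1111 1111 1111", "123-45-6789"))
```

Attaching the filter to the handler rather than to one logger means every record that reaches that output is covered, including records from third-party libraries. Redaction is a safety net, not a substitute for not logging the value in the first place, and the patterns should be extended to whatever PHI or financial identifiers the application actually handles.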

Insufficient Logging and Monitoring

Insufficient logging and monitoring could allow hackers to continue to attack the system without even getting noticed. Attackers are continuously looking for any loopholes in web applications. Any delay in detecting the data breach could be very harmful to any organization.

By implementing logging tools that establish a baseline and by monitoring continuously, organizations can avoid delays in detecting security breaches.
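The baseline idea is concrete once written down. As an added example (not code from the original post), the script below counts authentication failures per source IP over a quiet reference period, turns that into an alert threshold, and checks the current window against it. Both sets of log lines are constructed and the line format is invented for the example.

```python
import re
from collections import Counter

# Added example, not code from the original post: a baseline comparison over
# authentication log lines. Failures per source IP in a quiet reference period
# set the baseline; the current window is then checked against a multiple of
# it. Both sets of log lines are constructed and the format is invented.

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>OK|FAIL) user=(?P<user>\S+) ip=(?P<ip>\S+)$"
)

# Constructed reference period: a normal day with a couple of mistyped passwords.
BASELINE_LOG = """\
2024-01-01T09:00:01 auth OK user=alice ip=10.0.0.5
2024-01-01T09:05:13 auth FAIL user=alice ip=10.0.0.5
2024-01-01T09:05:20 auth OK user=alice ip=10.0.0.5
2024-01-01T10:12:44 auth FAIL user=bob ip=10.0.0.7
2024-01-01T10:12:51 auth FAIL user=bob ip=10.0.0.7
2024-01-01T10:13:02 auth OK user=bob ip=10.0.0.7
"""

# Constructed current window: one address failing against several accounts.
CURRENT_LOG = """\
2024-01-02T03:14:01 auth FAIL user=admin ip=10.0.0.9
2024-01-02T03:14:02 auth FAIL user=root ip=10.0.0.9
2024-01-02T03:14:03 auth FAIL user=alice ip=10.0.0.9
2024-01-02T03:14:04 auth FAIL user=bob ip=10.0.0.9
2024-01-02T03:14:05 auth FAIL user=carol ip=10.0.0.9
2024-01-02T03:14:06 auth FAIL user=dave ip=10.0.0.9
2024-01-02T03:14:07 auth FAIL user=admin ip=10.0.0.9
2024-01-02T03:14:08 auth FAIL user=admin ip=10.0.0.9
2024-01-02T08:30:00 auth FAIL user=alice ip=10.0.0.5
2024-01-02T08:30:09 auth OK user=alice ip=10.0.0.5
"""


def failures_per_ip(log_text: str) -> Counter:
    """Count FAIL events per source IP; lines that do not parse are skipped."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("result") == "FAIL":
            counts[m.group("ip")] += 1
    return counts


def baseline_threshold(baseline_text: str, factor: float = 3.0, floor: int = 3) -> float:
    """Alert level: `factor` times the mean failures per IP in the reference period, never below `floor`."""
    counts = failures_per_ip(baseline_text)
    mean = sum(counts.values()) / len(counts) if counts else 0.0
    return max(factor * mean, float(floor))


def alerts(current_text: str, baseline_text: str) -> dict:
    """Map each IP whose failure count exceeds the threshold to that count."""
    threshold = baseline_threshold(baseline_text)
    return {ip: n for ip, n in failures_per_ip(current_text).items() if n > threshold}


if __name__ == "__main__":
    print("threshold:", baseline_threshold(BASELINE_LOG))   # 4.5
    print("alerts:", alerts(CURRENT_LOG, BASELINE_LOG))     # {'10.0.0.9': 8}
```

The floor stops a near-empty reference period from alerting on every single failure, and the multiplier rather than a fixed number lets the threshold follow each environment's normal noise. In a real deployment the same comparison runs on a schedule against the log aggregator, and the alert goes to the on-call channel rather than to stdout.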

Broken Access Control

In many organizations, authenticated users have more access than they require. For example, in cloud computing, giving developers administrative access to the account gives attackers an opportunity to damage the infrastructure or applications in the event of a security breach.

I once saw a developer upload AWS access keys to GitHub, and within a few hours there were 100+ instances running bitcoin mining on their account.

By applying the principle of least privilege to access controls, we can prevent potential damage to the security of IT systems.
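In the AWS scenario above, least privilege is expressed in IAM policy documents, and the broadest grants are easy to detect mechanically. As an added example (not code from the original post), the script below flags Allow statements that use wildcard actions or resources. The document shape (Version, Statement, Effect, Action, Resource) is the real IAM policy format; the two policies and the bucket name are constructed.

```python
import json

# Added example, not code from the original post: a check that flags IAM
# policy statements granting far more than a developer role needs. The policy
# document shape (Version, Statement, Effect, Action, Resource) is the real
# AWS IAM format; the two policies and the bucket name are constructed.


def _as_list(value) -> list:
    """IAM allows a string or a list for Action and Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def audit_policy(policy: dict) -> list:
    """Return findings for Allow statements that use wildcard actions or resources."""
    findings = []
    for index, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        if "*" in actions:
            findings.append(f"statement {index}: allows every action (Action '*')")
        for action in actions:
            # "s3:*" style grants hand over a whole service
            if action.endswith(":*"):
                findings.append(f"statement {index}: allows every action of a service ({action})")
        if "*" in resources and actions:
            findings.append(f"statement {index}: applies to every resource (Resource '*')")
    return findings


# Constructed: the "just give the developers admin" policy.
DEVELOPER_ADMIN = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}],
}

# Constructed: least privilege for an application that only reads and writes one bucket.
DEVELOPER_LEAST_PRIVILEGE = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": ["s3:GetObject", "s3:PutObject"],
            "Resource": "arn:aws:s3:::example-app-bucket/*",
        },
        {
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::example-app-bucket",
        },
    ],
}

if __name__ == "__main__":
    for name, policy in [("admin", DEVELOPER_ADMIN), ("least-privilege", DEVELOPER_LEAST_PRIVILEGE)]:
        print(name, json.dumps(audit_policy(policy), indent=2))
```

A check like this belongs in the pipeline that deploys IAM changes, so an over-broad grant is caught before it reaches the account. It catches only the obvious wildcards; narrowing a policy to the specific actions a workload really uses still requires reviewing what that workload does.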

Known Vulnerabilities

Most data breaches happen due to vulnerabilities that were left open. Frameworks, libraries, and other modules run with the same privileges as the application, so if a vulnerability in them is exploited, attackers could expose sensitive data or take over the system.

By keeping systems up to date with patching and configuration, and by enabling logging and monitoring, organizations can control vulnerability issues that could potentially cause a data or security breach.

Insecure Deserialization

Deserialization is the process of restoring a byte stream into the original object.

Insecure deserialization is when user-supplied data is deserialized by an application. This potentially enables an attacker to manipulate serialized objects in order to pass harmful data into the application and execute code remotely, enabling attacks such as replay attacks, injection attacks, and privilege escalation.
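The practical defense is to stop the deserializer from instantiating arbitrary classes out of user-supplied bytes. As an added example (not code from the original post), the script below shows two ways to do that in Python: a pickle loader that refuses every class lookup, so plain data still loads but any stream referencing a class is rejected, and a JSON loader that validates the document against the shape the application expects. The sample profile is constructed.

```python
import io
import json
import pickle
from collections import OrderedDict

# Added example, not code from the original post: two ways to keep
# deserialization of user-supplied bytes from instantiating arbitrary classes.
# The first restricts pickle so that it can rebuild plain data but never looks
# up a class; the second avoids pickle for untrusted input altogether and
# validates a JSON document against the shape the application expects.
# The sample profile is constructed.


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse every global lookup: lists, dicts, strings and numbers still load,
    but any stream that references a class or function is rejected."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def restricted_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def restricted_roundtrip(obj):
    """Dump `obj` with pickle and load it back through the restricted loader."""
    return restricted_loads(pickle.dumps(obj))


def rejected_by_restricted_loader(obj) -> bool:
    """True when the pickled form of `obj` needs a class lookup and is refused."""
    try:
        restricted_roundtrip(obj)
    except pickle.UnpicklingError:
        return True
    return False


def load_profile(text: str) -> dict:
    """Parse a JSON profile and enforce its expected shape before use."""
    obj = json.loads(text)
    if not isinstance(obj, dict):
        raise ValueError("profile must be an object")
    if not isinstance(obj.get("user"), str) or not obj["user"]:
        raise ValueError("user must be a non-empty string")
    roles = obj.get("roles", [])
    if not isinstance(roles, list) or not all(isinstance(r, str) for r in roles):
        raise ValueError("roles must be a list of strings")
    return {"user": obj["user"], "roles": roles}


def profile_is_valid(text: str) -> bool:
    try:
        load_profile(text)
    except (ValueError, TypeError):
        return False
    return True


SAMPLE = {"user": "alice", "roles": ["viewer"]}
# An OrderedDict pickles through its class, so loading it needs a class lookup.
CLASS_INSTANCE = OrderedDict(SAMPLE)

if __name__ == "__main__":
    print(restricted_roundtrip(SAMPLE))                      # plain data loads
    print(rejected_by_restricted_loader(CLASS_INSTANCE))     # True
    print(load_profile(json.dumps(SAMPLE)))
```

For data that crosses a trust boundary, the JSON route is the one to prefer: the format cannot express code or class references at all, and the validation function documents exactly what the application accepts. The restricted unpickler is for the case where a pickle-based protocol cannot be replaced quickly; it is a containment measure, not a reason to keep accepting pickles from users.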

XML External Entities (XXE)

The last one from the OWASP Top 10 list is XML External Entities. XXE is a web security vulnerability that allows an attacker to interfere with an application’s processing of XML data. Older or poorly configured systems often allow attackers to see or access internal files such as file systems or server configurations using the URI handler or other methods.
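External entities can only be declared inside a DTD, so an application that never needs DTDs can refuse them before parsing and remove the XXE surface without relying on parser settings. As an added example (not code from the original post), the wrapper below does exactly that around the standard library's ElementTree; both documents are constructed and the file path in the entity declaration is a placeholder.

```python
import re
import xml.etree.ElementTree as ET

# Added example, not code from the original post: a parse wrapper that refuses
# any XML document carrying a DOCTYPE. External entities can only be declared
# inside a DTD, so rejecting the DTD up front removes the XXE surface without
# relying on parser settings. Both documents below are constructed.

DOCTYPE_RE = re.compile(r"<!DOCTYPE\b", re.IGNORECASE)


def parse_xml_strict(text: str) -> ET.Element:
    """Parse `text` only if it declares no DTD; otherwise raise ValueError."""
    if DOCTYPE_RE.search(text):
        raise ValueError("document declares a DTD; external entities are not allowed")
    return ET.fromstring(text)


def accepts(text: str) -> bool:
    """True when the document parses under the strict rule."""
    try:
        parse_xml_strict(text)
    except (ValueError, ET.ParseError):
        return False
    return True


# Constructed: an ordinary order document from the application's own schema.
PLAIN_ORDER = "<order><id>42</id><item>widget</item></order>"

# Constructed: the same document with a DTD that declares an external entity
# (placeholder path; the point is that the DTD itself is refused).
ORDER_WITH_DTD = """<?xml version="1.0"?>
<!DOCTYPE order [ <!ENTITY ext SYSTEM "file:///placeholder/path"> ]>
<order><id>&ext;</id><item>widget</item></order>"""

if __name__ == "__main__":
    print(parse_xml_strict(PLAIN_ORDER).find("id").text)   # 42
    print(accepts(ORDER_WITH_DTD))                          # False
```

Where the application must accept DTDs, the right fix is a parser configured not to resolve external entities; in Python the defusedxml package wraps the standard parsers that way. Either approach should sit in one shared parse function so that every XML entry point in the application inherits the same rule.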

Conclusion

Hopefully you find this post useful and are now familiar with the top common security risks that exist in today’s world. If you have any questions, feel free to contact me on LinkedIn or Twitter.

About DataNext

DataNext Solutions is a US-based system integrator specialized in Cloud, Security, and DevOps technologies. As a registered AWS partner, our services comprise Cloud Migration, Cost Optimization, Integration, Security, Compliance, and Managed Services. Visit our website www.datanextsolutions.com for more info.