Web Application Security Flaws
Aug 21, 2021
Letโs understand security flaws in web based applications
Following are stack where we miss security measurements likeโฆ
โซUnderlaying Architecture
- Hardware, Network, PKI, and authentication
โซ Poor coding practice
- Lack of proper input validation
โซ No encryption of
- Data in transit
Security at Network
- Network accessibility
- Lack of encryption at network
- Lack of digital signatures
- Web app back-end on user network
Security at Operation System
- Missing patches of operation systems
- Default settings of operation systems
- Unnecessary services of systems
- Unused user accounts of systems
Security at Web Service stack
- Missing software updates
- Expired PKI certificate
- Unnecessary running module
- Default settings of services
- HTTP vs HTTPs
- Using SSL instead of TSL
Security at Third-party components
- Lack of component knowledge
- Missing software updates
- Default Settings of third party component's
- Authentication with other components