Web Application Security Flaws
Aug 21, 2021
Let’s understand security flaws in web-based applications.
The following are the layers of the stack where we miss security measures, like…
⚫ Underlying architecture
- Hardware, Network, PKI, and authentication
⚫ Poor coding practice
- Lack of proper input validation
⚫ No encryption of
- Data in transit
Security at Network
- Network accessibility
- Lack of encryption at the network layer
- Lack of digital signatures
- Web app back-end on user network
Security at Operating System
- Missing operating system patches
- Default operating system settings
- Unnecessary system services
- Unused system user accounts
Security at Web Service stack
- Missing software updates
- Expired PKI certificate
- Unnecessary running module
- Default settings of services
- HTTP vs HTTPS
- Using SSL instead of TLS
Security at Third-party components
- Lack of component knowledge
- Missing software updates
- Default settings of third-party components
- Authentication with other components