Web Application Security Flaws

Let’s understand security flaws in web based applications

Following are stack where we miss security measurements like…

⚫Underlaying Architecture

• Hardware, Network, PKI, and authentication

⚫ Poor coding practice

• Lack of proper input validation

⚫ No encryption of

• Data in transit

Security at Network

Network Security

• Network accessibility
• Lack of encryption at network
• Lack of digital signatures
• Web app back-end on user network

Security at Operation System

Operation System

1. Missing patches of operation systems
2. Default settings of operation systems
3. Unnecessary services of systems
4. Unused user accounts of systems

Security at Web Service stack

Web Service stack

1. Missing software updates
2. Expired PKI certificate
3. Unnecessary running module
4. Default settings of services
5. HTTP vs HTTPs
6. Using SSL instead of TSL

Security at Third-party components

Third-party components

1. Lack of component knowledge
2. Missing software updates
3. Default Settings of third party component's
4. Authentication with other components