An overview of the sensitive data exposure security threat from OWASP Top 10 followed by a few examples of attack scenario and can they be prevented.
In a previous post, we covered the broken authentication security threat in detail. In this post, we’re going to talk about security threats caused due to sensitive data exposure.
As the name suggests, this security threat occurs when the web application doesn’t adequately protect sensitive information like session tokens, passwords, banking information, location, health data, or any other similar crucial data whose leak can be critical for the user. This threat affects users the most and can cause financial loss, access to the victim’s accounts, blackmailing which ultimately results in decreased trust in the brand.
Hardcoding data like tokens, secret_keys, passwords in the source code.
Logging sensitive data in server logs.
Caching sensitive data.
Transmitting sensitive information in plain text.
Using old or weak cryptographic algorithms.
Using default crypto keys, generating or re-using weak crypto keys.
User-agent (e.g. app, API) not validating received server certificate which can result in a rogue server attempting to masquerade as a legit server.
An SSL-enabled client goes through the following steps to authenticate a server’s identity:
Is today’s date within the validity period?
Is the issuing CA a trusted CA?
Does the issuing CA’s public key validate the issuer’s digital signature?
Does the domain name in the server’s certificate match the domain name of the server itself?
An extensively researched list of top microsoft big data analytics and solution with ratings & reviews to help find the best Microsoft big data solutions development companies around the world.
‘Data is the new science. Big Data holds the key answers’ - Pat Gelsinger The biggest advantage that the enhancement of modern technology has brought
We need no rocket science in understanding that every business, irrespective of their size in the modern-day business world, needs data insights for its expansion. Big data analytics is essential when it comes to understanding the needs and wants of a significant section of the audience.
In this article, see the role of big data in healthcare and look at the new healthcare dynamics. Big Data is creating a revolution in healthcare, providing better outcomes while eliminating fraud and abuse, which contributes to a large percentage of healthcare costs.
Big Data Analytics is the next big thing in business, and it is a reality that is slowly dawning amongst companies. With this article, we have tried to show you the importance of Big Data in business and urge you to take advantage of this immense...