What is OWASP?
OWASP stands for Open Web Application Security Project. It is an online community that publishes articles, documentation, methodologies and tools related to web application security.
How to define OWASP Top 10?
The OWASP Top 10 is the most widely referenced list of the ten most common categories of vulnerability affecting web applications. It describes the impact, the risk and the remediation for each of them. The latest Top 10 was released in 2018.
The Top 10 vulnerabilities are:
1. Injection
A code injection occurs when an attacker sends invalid data to the web application with the aim of making it do something it was not designed or programmed to do in the first place.
Probably the most common instance of the injection vulnerability is an SQL query built from untrusted data. Examples and scenarios explaining SQL injection can be found at https://portswigger.net/web-security/sql-injection
At the heart of a code injection vulnerability is the lack of validation of the data used by the web application, which means the vulnerability can exist in almost any category of technology. Anything that accepts parameters as input can potentially be at risk of a code injection attack.
Prevention of code injection comes down mainly to two things. First, keeping data separate from the web application's logic. Second, applying settings and/or restrictions that limit data disclosure in case an injection attack does succeed.
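The following is an added example, not code from the article or from PortSwigger, showing the "separate data from logic" prevention in practice: the same lookup written once by string concatenation (the injectable form) and once with a bound parameter, run against a constructed in-memory SQLite table. The table contents and the helper names are assumptions made for the example.

```python
import sqlite3


def make_db():
    """Constructed sample data (assumption): a small users table in memory."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [
            ("alice", "alice@example.test"),
            ("bob", "bob@example.test"),
            ("o'brien", "obrien@example.test"),
        ],
    )
    return conn


def find_user_vulnerable(conn, username):
    """The injectable form: the input is pasted into the SQL text, so any
    quote or keyword in it is parsed as SQL syntax rather than as data."""
    query = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def find_user_parameterized(conn, username):
    """The fixed form: the SQL text is constant and the driver binds the value
    separately, so the input can never change the shape of the statement."""
    query = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


def vulnerable_query_errors(conn, username):
    """True if the concatenated query is not even valid SQL for this input.
    A legitimate name with an apostrophe breaks it; the bound form handles it."""
    try:
        find_user_vulnerable(conn, username)
        return False
    except sqlite3.OperationalError:
        return True


if __name__ == "__main__":
    db = make_db()
    probe = "' OR '1'='1"   # constructed input that turns the WHERE clause into a tautology
    print("vulnerable  :", find_user_vulnerable(db, probe))      # every row comes back
    print("parameterized:", find_user_parameterized(db, probe))  # no row has that literal name
    print("apostrophe breaks vulnerable form:", vulnerable_query_errors(db, "o'brien"))
```

The second prevention in the text, limiting disclosure when an injection does succeed, is not visible in this snippet: it is the database account the application connects with, which should only have the rights the queries need (no DDL, no access to unrelated tables), so that a successful injection reaches as little as possible.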
2. Broken Authentication
A broken authentication vulnerability allows an attacker to use automated and/or manual techniques to try to gain control over any account they choose in a system or, in the worst case, to take over the system or application completely. Broken authentication is very commonly found in web applications, and its presence points to flaws in the authentication logic built into the application.
A web application is considered prone to broken authentication if it matches any of the following scenarios: it permits credential stuffing [1] or brute-force attacks [2], it accepts default or weak passwords, it stores weakly hashed passwords, its multi-factor authentication is ineffective, or it exposes or reuses session IDs.
Some of the preventions against broken authentication are rejecting default passwords, proper session management including session invalidation, limiting the number of wrong credential entries, enforcing password complexity and length, and many more.
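As an added illustration (not the article's code), the small authentication service below puts three of the listed preventions together: it rejects short or known-weak passwords, stores only salted PBKDF2 hashes instead of weakly hashed passwords, and locks an account after a number of wrong credential entries. The thresholds, the iteration count, the constructed blocked-password list and the class name are all assumptions of the example; a real deployment would take the password list from a breached-password feed and tune the iteration count to its hardware.

```python
import hashlib
import hmac
import os
import time

LOCKOUT_THRESHOLD = 5        # failed attempts before the account is locked (assumption)
LOCKOUT_SECONDS = 900        # how long the lock lasts (assumption)
MIN_PASSWORD_LENGTH = 12     # assumption
PBKDF2_ITERATIONS = 600_000  # assumption: tune to your hardware budget
# Constructed stand-in for a breached-password list (assumption).
BLOCKED_PASSWORDS = {"password", "123456", "qwerty", "admin", "letmein"}
# Salt hashed against when the username does not exist, so an unknown account
# costs the same time as a wrong password and does not leak which users exist.
DUMMY_SALT = os.urandom(16)


def password_acceptable(password):
    """Rejects short passwords and known-weak ones (the 'default or weak passwords' scenario)."""
    return len(password) >= MIN_PASSWORD_LENGTH and password.lower() not in BLOCKED_PASSWORDS


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256: never the password itself, never an unsalted fast hash."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


class AuthService:
    def __init__(self, clock=time.time):
        self.clock = clock      # injectable so the lockout window can be tested
        self.users = {}         # username -> (salt, digest)
        self.failures = {}      # username -> timestamps of recent failed logins
        self.audit = []         # (event, username) records for monitoring

    def register(self, username, password):
        if not password_acceptable(password):
            raise ValueError("password is too short or too common")
        self.users[username] = hash_password(password)

    def _locked(self, username):
        now = self.clock()
        recent = [t for t in self.failures.get(username, []) if now - t < LOCKOUT_SECONDS]
        self.failures[username] = recent
        return len(recent) >= LOCKOUT_THRESHOLD

    def login(self, username, password):
        if self._locked(username):
            self.audit.append(("login_locked", username))
            return False
        record = self.users.get(username)
        if record is None:
            hash_password(password, DUMMY_SALT)   # equalise timing for unknown users
            ok = False
        else:
            salt, digest = record
            ok = hmac.compare_digest(hash_password(password, salt)[1], digest)
        if ok:
            self.failures.pop(username, None)     # a good login clears the counter
            self.audit.append(("login_ok", username))
        else:
            self.failures.setdefault(username, []).append(self.clock())
            self.audit.append(("login_failed", username))
        return ok


if __name__ == "__main__":
    svc = AuthService()
    svc.register("alice", "correct-horse-battery")
    print(svc.login("alice", "correct-horse-battery"))   # True
    for _ in range(LOCKOUT_THRESHOLD):
        svc.login("alice", "not-the-right-one")
    print(svc.login("alice", "correct-horse-battery"))   # False: account is locked
    print(svc.audit[-1])
```

The audit list is the hook for the monitoring point made later in the article: repeated `login_failed` and `login_locked` events for one account, or across many accounts from one source, are exactly the signal that credential stuffing or brute forcing is under way.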
3. Sensitive Data Exposure
This is one of the most widespread vulnerabilities in the OWASP Top 10 list. It exposes important or compromising data that should have been protected. Examples of sensitive data are Social Security numbers, credit card numbers, credentials, databases, medical information and any other form of personal information.
According to OWASP, some of the steps to prevent sensitive data exposure are to classify all the data processed by an application, not to store sensitive data unnecessarily, to encrypt all data at rest, and to manage keys properly.
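Added example (not the article's code) of the first two steps, classification and not storing what is not needed, applied at the point where a record is about to be written. The field classification, the policy names and the key are constructed assumptions for the example; encryption at rest is not shown because the standard library has no authenticated cipher, and would be done with a library such as `cryptography` under a key from a key manager.

```python
import hashlib
import hmac

# Constructed data classification for an order form (assumption). Every field
# the application processes must appear here; an unclassified field is an
# error, which is what makes "classify all the data" enforceable in code.
#   drop: never stored (e.g. the CVV must not be retained after authorisation)
#   mask: only a display form is stored
#   hash: stored as a keyed hash so it can be matched but not read back
#   keep: not sensitive
FIELD_POLICY = {
    "card_number": "mask",
    "cvv": "drop",
    "ssn": "hash",
    "email": "keep",
    "order_total": "keep",
}
# Constructed key (assumption): in practice it lives in a key manager, not in code.
HASH_KEY = b"constructed-example-key"


def mask_card_number(pan):
    """Keep only the last four digits for display."""
    digits = "".join(ch for ch in pan if ch.isdigit())
    return "*" * (len(digits) - 4) + digits[-4:]


def keyed_hash(value):
    # A plain SHA-256 of a low-entropy identifier such as an SSN can be reversed
    # by enumerating all possible values; a keyed HMAC cannot be without the key.
    return hmac.new(HASH_KEY, value.encode(), hashlib.sha256).hexdigest()


def minimize(record):
    """Apply the classification policy before anything is written to storage."""
    stored = {}
    for field, value in record.items():
        policy = FIELD_POLICY.get(field)
        if policy is None:
            raise ValueError(f"unclassified field: {field}")
        if policy == "drop":
            continue
        if policy == "mask":
            stored[field] = mask_card_number(value)
        elif policy == "hash":
            stored[field] = keyed_hash(value)
        else:
            stored[field] = value
    return stored


def minimize_rejects(record):
    """True if the record contains a field nobody has classified."""
    try:
        minimize(record)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed input using the well-known test card number (assumption).
    order = {"card_number": "4111 1111 1111 1111", "cvv": "123", "ssn": "123-45-6789",
             "email": "alice@example.test", "order_total": "19.99"}
    print(minimize(order))
    print(minimize_rejects({"phone": "555-0100"}))   # True: unclassified field
```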
4. XML External Entities (XXE)
This is an attack against an application that parses XML input. It takes place when XML input containing a reference to an external entity is processed by a weakly configured XML parser.
Some steps to prevent this vulnerability are to use less complex data formats such as JSON whenever possible, to avoid serializing sensitive data, to patch and upgrade all XML processors promptly, to use dependency checkers, to validate incoming XML or XSL with XSD validation, to use API security gateways, to apply virtual patching, etc.
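The most direct fix for a "weakly configured parser" is to configure it so that DTDs and entities are never processed at all. The added example below (not the article's code) does that with Python's standard `xml.parsers.expat` parser feeding an `ElementTree.TreeBuilder`: expat invokes a handler the moment it meets a DOCTYPE, an entity declaration or an external entity reference, before anything is resolved, and the handler aborts the parse. The sample documents are constructed, and the external entity points at a placeholder path.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class DTDForbidden(ValueError):
    """Raised as soon as the document tries to declare a DTD or an entity."""


def parse_untrusted_xml(text):
    """Build an ElementTree from XML while refusing every DTD construct.

    The three reject handlers fire before any entity is resolved or expanded,
    so an external entity is never fetched and an entity bomb is never expanded.
    """
    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()

    def reject(*_args):
        raise DTDForbidden("DTD, entity declarations and external entities are not accepted")

    parser.StartDoctypeDeclHandler = reject     # <!DOCTYPE ...>
    parser.EntityDeclHandler = reject           # <!ENTITY ...>, internal or external
    parser.ExternalEntityRefHandler = reject    # a reference that points outside the document
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(text, True)
    return builder.close()


# Constructed inputs (assumption). The SYSTEM identifier is a placeholder path.
PLAIN_XML = "<order><item>widget</item><qty>2</qty></order>"
XXE_SHAPED_XML = """<?xml version="1.0"?>
<!DOCTYPE order [ <!ENTITY ext SYSTEM "file:///placeholder/path"> ]>
<order><item>&ext;</item></order>"""
ENTITY_EXPANSION_XML = """<?xml version="1.0"?>
<!DOCTYPE order [ <!ENTITY a "aaaa"> <!ENTITY b "&a;&a;&a;&a;"> ]>
<order><item>&b;</item></order>"""


def rejected(text):
    """True if the hardened parser refused the document."""
    try:
        parse_untrusted_xml(text)
        return False
    except DTDForbidden:
        return True


if __name__ == "__main__":
    root = parse_untrusted_xml(PLAIN_XML)
    print(root.tag, root.find("item").text)            # order widget
    print(rejected(XXE_SHAPED_XML))                     # True
    print(rejected(ENTITY_EXPANSION_XML))               # True
```

Rejecting the whole DTD, rather than just external entities, is deliberate: it also stops internal entity expansion attacks, and legitimate API payloads almost never need a DTD. When a library such as `lxml` or a Java parser is in use, the equivalent is the parser's own "disallow DTD / no external entities" switches rather than a pre-parse string check, which can be bypassed by encoding tricks.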
5. Broken Access Control
Access control means limiting who can view which pages and sections of a website. If an access control vulnerability is present in a website, an attacker can access unauthorized data or features, change access rights, tamper with the data and content of the website, view sensitive files, etc.
Prevention of such vulnerabilities would be to deny by default, with exceptions only for public resources, to model access control consistently, to disable web-server directory listing, and to rate-limit APIs.
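Added example (not the article's code) of the "deny by default" rule as a single authorization function: only (resource, action) pairs listed in an allow table are ever granted, anything missing from the table is refused, and a second, object-level check stops a user who is allowed to view invoices in general from viewing someone else's invoice by changing the id in the URL. The policy table, the invoice records and the names are assumptions for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    id: int
    roles: frozenset


class Forbidden(Exception):
    pass


# Constructed policy (assumption). Only (resource, action) pairs listed here are
# ever granted; everything else is denied by default, including new endpoints
# that nobody has classified yet.
PUBLIC = {("home", "view"), ("docs", "view")}
ALLOW = {
    ("invoice", "view"): {"customer", "admin"},
    ("invoice", "delete"): {"admin"},
    ("user", "set_role"): {"admin"},
}

# Constructed records (assumption): invoice id -> owning user id.
INVOICES = {101: 1, 102: 2}


def authorize(user, resource, action, owner_id=None):
    """Raises Forbidden unless the policy explicitly allows the request."""
    if (resource, action) in PUBLIC:
        return True
    if user is None:
        raise Forbidden("authentication required")
    allowed = ALLOW.get((resource, action))
    if not allowed or not (user.roles & allowed):
        raise Forbidden(f"{resource}:{action} is not allowed for roles {sorted(user.roles)}")
    # Object-level check: a role grant alone is not enough to read someone
    # else's record; only admins cross that line.
    if owner_id is not None and owner_id != user.id and "admin" not in user.roles:
        raise Forbidden("not the owner of this record")
    return True


def view_invoice(user, invoice_id):
    """Returns the invoice owner id if permitted, None if denied.
    The denial branch is also where a real handler writes its audit log entry."""
    owner = INVOICES.get(invoice_id)
    if owner is None:
        return None
    try:
        authorize(user, "invoice", "view", owner_id=owner)
    except Forbidden:
        return None
    return owner


def is_allowed(user, resource, action, owner_id=None):
    try:
        return authorize(user, resource, action, owner_id)
    except Forbidden:
        return False


if __name__ == "__main__":
    customer1 = User(1, frozenset({"customer"}))
    admin = User(9, frozenset({"admin"}))
    print(view_invoice(customer1, 101))                 # 1: own invoice
    print(view_invoice(customer1, 102))                 # None: someone else's
    print(is_allowed(customer1, "invoice", "delete"))   # False
    print(is_allowed(admin, "report", "view"))          # False: not in the table
```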
6. Security Misconfiguration
At its most basic, a brute-force attack is the attack of trying many possibilities, but there are many variants of this attack that can increase its success rate. The most common ones are unused pages with public access, default configurations, unprotected files and directories, unpatched flaws, outdated software, unnecessary services, etc.
Some preventions would be a repeatable hardening process, removing or not installing unused frameworks and features, sending security directives to clients, etc.
7. Cross-Site Scripting (XSS)
This is a widespread vulnerability that affects many web applications. XSS attacks involve injecting malicious client-side scripts into a website and then using the website as an intermediary. The danger of XSS is that it allows an attacker to inject code into a website and alter what it displays. This causes the victim's browser to run the injected code while loading the site. There are three types of XSS attacks: Stored XSS [3], Reflected XSS [4] and DOM-based XSS [5].
Some common preventions that can be implemented are escaping untrusted data from HTTP requests before it is written into a page, enabling a Content Security Policy, and many more.
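Added example (not the article's code) of both preventions on the server side: a comment rendered once by plain string concatenation, once through `html.escape`, plus the response headers carrying a Content Security Policy. It also covers the case escaping alone does not handle, a URL placed in an `href`, where the scheme has to be checked. The sample comment and author strings are constructed; the header set and helper names are assumptions.

```python
from html import escape
from urllib.parse import urlparse

# Constructed user-supplied values (assumption). From the server's point of
# view a stored or reflected XSS attempt is just text that must stay text.
CONSTRUCTED_COMMENT = "<script>alert(1)</script> great article"
CONSTRUCTED_AUTHOR = 'eve" onmouseover="alert(1)'


def render_comment_vulnerable(author, comment):
    """Untrusted strings are dropped straight into the document, so the browser
    parses the <script> element as code and the quote breaks out of the attribute."""
    return f'<p><b title="{author}">{author}</b>: {comment}</p>'


def render_comment_safe(author, comment):
    """escape() converts & < > " ' to entities, so the same bytes render as text.
    quote=True (the default) also makes the value safe inside a quoted attribute."""
    a = escape(author)
    return f'<p><b title="{a}">{a}</b>: {escape(comment)}</p>'


def safe_href(url):
    """Escaping alone does not make a URL safe in href: a javascript: scheme is
    well-formed HTML. Allow only http(s), then escape for the attribute context."""
    if urlparse(url).scheme not in ("http", "https"):
        return "#"
    return escape(url, quote=True)


def response_headers():
    """Content Security Policy as the second layer: even if an escaping bug
    slips through, inline scripts and third-party script sources are blocked."""
    return {
        "Content-Type": "text/html; charset=utf-8",
        "Content-Security-Policy": (
            "default-src 'self'; script-src 'self'; object-src 'none'; "
            "base-uri 'self'; frame-ancestors 'none'"
        ),
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    print(render_comment_vulnerable(CONSTRUCTED_AUTHOR, CONSTRUCTED_COMMENT))
    print(render_comment_safe(CONSTRUCTED_AUTHOR, CONSTRUCTED_COMMENT))
    print(safe_href("javascript:void(0)"))                       # "#"
    print(safe_href("https://example.test/?a=1&b=2"))            # & becomes &amp;
    print(response_headers()["Content-Security-Policy"])
```

Note that `html.escape` is the right tool for HTML body and quoted-attribute contexts only; data written into a `<script>` block, a CSS value or a URL needs its own encoder, and DOM-based XSS [5] has to be addressed in the client-side code that builds the page.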
8. Insecure Deserialization
Deserialization is the process of converting byte strings back into objects. If a website is vulnerable to this attack, an attacker could modify a serialized object to give himself an admin role and serialize it back, leaving the website wide open to compromise.
The best possible prevention is to not accept serialized objects from untrusted sources at all. Other preventions include restricting incoming and outgoing network connectivity, logging deserialization failures, implementing integrity checks, and many more.
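Added example (not the article's code) of the two listed preventions that can live in code: an integrity check and logging of deserialization failures. A session record is serialized as plain JSON (no object types, so nothing executes on load), signed with an HMAC, and verified before any field is read; a copy whose role has been edited, exactly the scenario in the text, fails the check and is logged. The key, the token layout and the function names are assumptions for the example.

```python
import base64
import hashlib
import hmac
import json
import logging
import secrets

log = logging.getLogger("session")
# Constructed per-process key (assumption: a real deployment loads it from secret storage).
SECRET_KEY = secrets.token_bytes(32)
VALID_ROLES = ("user", "admin")


class BadToken(Exception):
    pass


def _b64(data):
    return base64.urlsafe_b64encode(data).decode()


def issue_token(user, role, key=SECRET_KEY):
    """Serialise a small plain-data session record as JSON and sign it."""
    body = json.dumps({"user": user, "role": role}, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)


def read_token(token, key=SECRET_KEY):
    """Verify the integrity tag before interpreting anything, then validate the
    schema. Failures are logged: they are the signal worth monitoring."""
    try:
        body_b64, tag_b64 = token.split(".", 1)
        body = base64.urlsafe_b64decode(body_b64)
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, base64.urlsafe_b64decode(tag_b64)):
            raise BadToken("integrity check failed")
        claims = json.loads(body)
        if (not isinstance(claims, dict) or set(claims) != {"user", "role"}
                or not isinstance(claims["user"], str) or claims["role"] not in VALID_ROLES):
            raise BadToken("unexpected token contents")
    except (ValueError, BadToken) as exc:   # base64 and JSON errors are ValueErrors
        log.warning("rejected session token: %s", exc)
        raise BadToken(str(exc)) from None
    return claims


def tampered_copy(token, role):
    """The scenario in the text: edit the serialised object's role and send it
    back with everything else unchanged. The tag no longer matches the body."""
    body_b64, tag_b64 = token.split(".", 1)
    claims = json.loads(base64.urlsafe_b64decode(body_b64))
    claims["role"] = role
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return _b64(body) + "." + tag_b64


def is_rejected(token):
    try:
        read_token(token)
        return False
    except BadToken:
        return True


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    tok = issue_token("alice", "user")
    print(read_token(tok))                              # {'role': 'user', 'user': 'alice'}
    print(is_rejected(tampered_copy(tok, "admin")))     # True, and a warning is logged
```

The choice of JSON with a fixed schema is what makes the first prevention in the text concrete: a format such as Python's `pickle` or Java native serialization reconstructs arbitrary object types and should never be fed data from an untrusted source, signed or not, because the damage can happen during deserialization itself.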
9. Using Components with Known Vulnerabilities
This vulnerability could be one of the most exploited. It concerns websites that depend mainly on other sources. Depending on the third-party dependencies used, a website can be vulnerable, and its operators may continue to run it without knowing what issues exist in those components.
Prevention would be to remove inactive components, to acquire components only from trusted sources, to apply virtual patching, and many more.
10. Insufficient Logging and Monitoring
A website that does not have effective monitoring and logging of how it is being used by its users is open to this vulnerability, and this is a high risk for websites.
The easiest and safest prevention is to keep audit logs and check them regularly.
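"Check them regularly" can be automated. The added example below (not the article's code) parses a constructed audit log of the kind an authentication service would write and raises two findings over it: many failed logins from one source within a short window, and one source failing against many different usernames. Lines that do not match the expected format are counted rather than silently skipped, since a change in log format is itself something monitoring should notice. The log format, thresholds and addresses (from the RFC 5737 documentation ranges) are assumptions of the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit log (assumption about the format: timestamp, event, user, ip).
CONSTRUCTED_LOG = """\
2024-01-15T10:00:01Z login_failed user=alice ip=203.0.113.7
2024-01-15T10:00:02Z login_failed user=alice ip=203.0.113.7
2024-01-15T10:00:04Z login_failed user=alice ip=203.0.113.7
2024-01-15T10:00:05Z login_failed user=alice ip=203.0.113.7
2024-01-15T10:00:07Z login_failed user=alice ip=203.0.113.7
2024-01-15T10:00:09Z login_failed user=alice ip=203.0.113.7
2024-01-15T10:01:00Z login_ok user=bob ip=198.51.100.5
2024-01-15T10:02:00Z login_failed user=carol ip=198.51.100.5
this line is not in the expected format
2024-01-15T10:30:00Z login_failed user=carol ip=198.51.100.5
2024-01-15T11:00:00Z login_failed user=dave ip=192.0.2.9
2024-01-15T11:00:01Z login_failed user=erin ip=192.0.2.9
2024-01-15T11:00:02Z login_failed user=frank ip=192.0.2.9
2024-01-15T11:00:03Z login_failed user=grace ip=192.0.2.9
"""

LINE_RE = re.compile(r"^(\S+) (\w+) user=(\S+) ip=(\S+)$")


def parse_line(line):
    """One log line -> dict, or None if it does not match the expected format."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    return {"time": ts, "event": m.group(2), "user": m.group(3), "ip": m.group(4)}


def max_in_window(times, window):
    """Largest number of events from one source inside any sliding window."""
    times = sorted(times)
    best = start = 0
    for end in range(len(times)):
        while times[end] - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def analyze(log_text, window=timedelta(minutes=5), fail_threshold=5, user_threshold=4):
    """Returns the source addresses that look like brute forcing or credential
    stuffing, plus the number of lines the parser could not read."""
    failures_by_ip = defaultdict(list)
    users_by_ip = defaultdict(set)
    unparsed = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            unparsed += 1
            continue
        if rec["event"] == "login_failed":
            failures_by_ip[rec["ip"]].append(rec["time"])
            users_by_ip[rec["ip"]].add(rec["user"])
    bruteforce = sorted(ip for ip, t in failures_by_ip.items()
                        if max_in_window(t, window) >= fail_threshold)
    stuffing = sorted(ip for ip, u in users_by_ip.items() if len(u) >= user_threshold)
    return {"bruteforce": bruteforce, "stuffing": stuffing, "unparsed": unparsed}


if __name__ == "__main__":
    print(analyze(CONSTRUCTED_LOG))
    # {'bruteforce': ['203.0.113.7'], 'stuffing': ['192.0.2.9'], 'unparsed': 1}
```

Two failures from 198.51.100.5 half an hour apart produce no finding, which is the point of the window: the check should flag a pattern, not every user who mistypes a password.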
In conclusion, every website being built should be checked for the above-mentioned vulnerabilities and action taken according to the results, to ensure that the website is safe for everyone using it.
InfosecTrain offers Open Web Application Security Project (OWASP) Training & Certification. To know more about this course and the other training courses we conduct, please visit https://www.infosectrain.com
Author: Supraja Ramakrishnan