iGlobal Labs - Application Security

Application security

Application security encompasses measures taken throughout the code's life-cycle to prevent gaps in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application.

Common application security threats are given below:

Category                  Threats/Attacks
------------------------  ------------------------------------------------------------------------------------------------------
Input Validation          Buffer overflow; cross-site scripting; SQL injection; canonicalization
Software Tampering        Attacker modifies an existing application's runtime behaviour to perform unauthorized actions; exploited via binary patching, code substitution, or code extension
Authentication            Network eavesdropping; brute force attack; dictionary attacks; cookie replay; credential theft
Authorization             Elevation of privilege; disclosure of confidential data; data tampering; luring attacks
Configuration Management  Unauthorized access to administration interfaces; unauthorized access to configuration stores; retrieval of clear text configuration data; lack of individual accountability; over-privileged process and service accounts
Sensitive Information     Access to sensitive code or data in storage; network eavesdropping; code/data tampering
Session Management        Session hijacking; session replay; man in the middle
Cryptography              Poor key generation or key management; weak or custom encryption
Parameter Manipulation    Query string manipulation; form field manipulation; cookie manipulation; HTTP header manipulation
Exception Management      Information disclosure; denial of service
Auditing and Logging      User denies performing an operation; attacker exploits an application without trace; attacker covers his or her tracks
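Two of the Input Validation threats in the table, canonicalization and SQL injection, worked through in Python as an added example (this is not iGlobal Labs' code). Each defence is shown next to the weak form it replaces: a path check that compares canonical paths instead of raw strings, and a query that binds the user value as a parameter instead of splicing it into the statement. The document root, the users table and the sample inputs are constructed for the example.

```python
"""Input-validation defences for canonicalization and SQL injection.

Added example, not from the original page. The document root, the
users table and all sample inputs are constructed.
"""
import os
import sqlite3
from typing import List, Optional, Tuple

# Constructed: the only directory the application may serve documents from.
DOCUMENT_ROOT = os.path.realpath("/srv/app/documents")


def resolve_document_unsafe(user_path: str, root: str = DOCUMENT_ROOT) -> str:
    """Weak form: joins the request onto the root and trusts the result.

    A request containing '..' or an absolute path still produces a path
    outside the root, because no check is made on the joined result.
    """
    return os.path.join(root, user_path)


def resolve_document(user_path: str, root: str = DOCUMENT_ROOT) -> Optional[str]:
    """Hardened form: canonicalize first, then check containment.

    os.path.realpath collapses '.', '..', repeated separators and symlinks,
    so every spelling of the same location is judged on its canonical form.
    The containment test uses commonpath rather than a string prefix check
    (a prefix check would accept '/srv/app/documents_old' as inside
    '/srv/app/documents'). Returns None when the request escapes the root.
    """
    candidate = os.path.realpath(os.path.join(root, user_path))
    try:
        if os.path.commonpath([root, candidate]) != root:
            return None
    except ValueError:
        # Raised for paths on different drives / mixed absolute-relative.
        return None
    return candidate


def build_sample_db() -> sqlite3.Connection:
    """Constructed in-memory users table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],
    )
    return conn


def find_user_unsafe(conn: sqlite3.Connection, username: str) -> List[Tuple[str, str]]:
    """Weak form: the value is spliced into the statement text.

    A quote character in the value closes the literal and the rest of the
    input is parsed as SQL, so the query's structure is controlled by input.
    """
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn: sqlite3.Connection, username: str) -> List[Tuple[str, str]]:
    """Hardened form: fixed statement, value sent as a bound parameter.

    The database never parses the value as SQL, so quotes inside it are
    just characters to compare against the username column.
    """
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


if __name__ == "__main__":
    # Constructed sample requests.
    for req in ("reports/q1.txt", "reports/../reports/q1.txt", "../../etc/passwd", "/etc/passwd"):
        print(f"{req!r:32} unsafe -> {resolve_document_unsafe(req)}")
        print(f"{'':32} safe   -> {resolve_document(req)}")

    db = build_sample_db()
    probe = "' OR '1'='1"
    print("unsafe lookup rows:", len(find_user_unsafe(db, probe)))
    print("safe lookup rows:  ", len(find_user_safe(db, probe)))
```

Running the script shows the two behaviours side by side: the unsafe resolver hands back a path outside the document root for the traversal requests while the hardened one returns None, and the unsafe lookup returns every row for the quote-bearing value while the parameterized lookup returns none.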

Security testing techniques check for vulnerabilities or security holes in applications. These vulnerabilities leave applications open to exploitation.

Automated tools used to detect application security weaknesses include vulnerability scanners, penetration testing tools and code analysis tools.