Topic 11B Flashcards
Cloud and Web Application Security concepts
Input validation
is an essential protection technique used in software and web development that addresses the issue of untrusted input.
Untrusted input describes how an attacker can provide specially crafted data to an application to manipulate its behavior.
Injection attacks exploit these input mechanisms.
Allowlisting
This method only permits inputs that match a predetermined and approved set of values or patterns.
Blocklisting
This approach explicitly blocks known harmful inputs, such as certain special characters or patterns commonly used in attacks.
Data Type Checks
These checks ensure the input data is of the expected type, such as a string, integer, or date.
Range Checks
These validate that numeric inputs fall within expected ranges.
Regular Expressions
Also known as regex, these are used to match input to expected patterns or signs of malicious activity.
Encoding
This helps to safely and reliably prevent special characters in input from being interpreted as executable commands or scripts.
Cookies
Small pieces of data stored on a computer by a web browser while accessing a website. They maintain session states, remember user preferences, and track user behavior and other settings.
To secure cookies:
developers must follow certain well-documented principles, such as using the ‘Secure’ attribute for all cookies to ensure they are only sent over HTTPS connections and protected from interception via eavesdropping,
using the ‘HttpOnly’ attribute to prevent client-side scripts from accessing cookies and protect against cross-site scripting attacks,
using the ‘SameSite’ attribute to limit when cookies are sent to mitigate cross-site request forgery attacks.
Cookies should expire.
Static code analysis
scrutinizing source code to identify potential vulnerabilities, errors, and noncompliant coding practices before the program is finalized.
Code signing
Use digital signatures to verify the integrity and authenticity of software code.
Code signing serves a dual purpose: ensuring that software has not been tampered with since signing and confirming the software publisher’s identity.
While code signing provides assurance about the origin of code and verifies code integrity, it does not inherently assure the safety or security of the code itself.
Data exposure
is a fault that allows privileged information (such as a token, password, or personal data) to be read without being subject to the appropriate access controls.
Errors and exceptions
Handling them means that the application performs in a controlled way when something unpredictable happens.
An error or exception could be caused by invalid user input, a loss of network connectivity, another server or process failing, and so on.
Structured exception handler (SEH)
A mechanism to account for unexpected error conditions that might arise during code execution.
There should also be a catchall handler that will deal with the unexpected. The main goal must be for the application not to fail in a way that allows the attacker to execute code or perform some sort of injection attack.
Without such a handler, an application's interpreter may default to a standard handler and display default error messages when something goes wrong. These may reveal platform information.
Memory Management
Arbitrary code attacks depend on the target application having faulty memory management procedures. This allows the attacker to execute their own code in the space marked out by the target application.
There are known unsecure practices for memory management that should be avoided, and untrusted input, such as strings, should be checked before processing to ensure that it cannot overwrite areas of memory.
Client-Side vs. Server-Side Validation
The main issue with client-side validation is that the client will always be more vulnerable to some sort of malware interfering with the validation process.
The main issue with server-side validation is that it can be time-consuming, as it may involve multiple transactions between the server and client.
Consequently, client-side validation is usually restricted to informing the user that there is some sort of problem with the input before submitting it to the server. Even after passing client-side validation, the input will still undergo server-side validation before it can be posted (accepted).
Cloud hardening
Least privilege
Encryption
Audits
Pen Testing
Vulnerability analysis
Sandboxing
A security mechanism used in software development and operation to isolate running processes from each other or prevent them from accessing the system they are running on.
A practical example of sandboxing is implemented in modern web browsers, like Google Chrome, which separates each tab and extension into distinct processes.