Most common high risk vulnerabilities

SQL injection, cross-site scripting, and cross-request forgery attacks are rated the most common high risk vulnerabilities. Not only that, NTA found that 27% of all applications contained at least one high risk issue, with the most dramatic change seen within charity and not-for-profit clients. See the proposed suggestions below, though I don’t agree that they provide protection for all of the noted attacks:

• Make sure all user-supplied data is properly sanitised before returning it to the browser or storing it in a database.
• Organisations should switch from a persistent authentication method to a transient authentication method to help prevent cross-request forgery attacks.
• An account lockout mechanism should be in place, to lock out accounts permanently or temporarily, to help prevent attackers from being able to brute force user accounts.
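The first suggestion covers two different sinks, the database and the browser, and each needs its own handling. The sketch below is an added example, not code from the original post or from NTA. It uses Python's standard `sqlite3` and `html` modules, and the `comments` table, function names and sample input are assumptions made for illustration.

```python
import html
import sqlite3

# Constructed sample input containing SQL and HTML metacharacters.
SAMPLE_COMMENT = "O'Brien <script>alert(1)</script>"

def open_db():
    """Create an in-memory database with a hypothetical comments table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)")
    return db

def store_comment_unsafe(db, body):
    # Weak form: the value is concatenated into the SQL text, so a quote
    # in the data changes the structure of the statement.
    db.execute("INSERT INTO comments (body) VALUES ('" + body + "')")

def store_comment(db, body):
    # Hardened form: the value is bound as a parameter and never parsed as SQL.
    cur = db.execute("INSERT INTO comments (body) VALUES (?)", (body,))
    return cur.lastrowid

def render_comment(db, comment_id):
    # Encode for the HTML context at output time, not at storage time.
    row = db.execute(
        "SELECT body FROM comments WHERE id = ?", (comment_id,)
    ).fetchone()
    return "<p>" + html.escape(row[0]) + "</p>"

def unsafe_insert_breaks(db, body):
    """Return True if the concatenated statement is rejected by the parser."""
    try:
        store_comment_unsafe(db, body)
    except sqlite3.Error:
        return True
    return False

if __name__ == "__main__":
    db = open_db()
    print("concatenated insert fails:", unsafe_insert_breaks(db, SAMPLE_COMMENT))
    cid = store_comment(db, SAMPLE_COMMENT)
    print(render_comment(db, cid))
```

The stored value is kept byte-for-byte as submitted; only the rendered output is encoded, so the same row can later be emitted safely into a different context with a different encoder.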
