Are Your Web Apps Secure From Attack?

Protecting against attacks and other risks

We have been talking about web applications this week. In keeping with the theme, Sasha Goldshtein, CEO of SELA Group, recently broke down the details on the biggest risks facing web applications today. This was part of a larger presentation at the SELA Developer Practice in Tel Aviv, Israel earlier this month.

He laid out the three most prevalent types of vulnerabilities and then singled out the issues within each that deserve the most attention. There are many other types, and more issues within them, but this is a quick overview of what is most crucial for your app to thrive.

  1. Injection (command injection and SQL injection)
  2. Broken authentication or session management
  3. Cross-site scripting (and CSRF as a bonus)

Take a peek at Goldshtein’s slideshow to read up on the ways he was able to attack common vulnerabilities, for the sake of example, using his knowledge and a few simple Google searches. The list includes OS command injection, broken cookies, insecure password storage, XSS and CSRF, among others.

Security is a crucial component of strong web apps. Where do you find vulnerabilities in web apps?