Security

  • Post author:
  • Post category:Uncategorized
  • Post comments:0 Comments

Security

It is the capability of a system to protect its assets and prevent from unauthorized access or modification of information or resources.

Common Causes:

  • Issue in authentication and authorization
  • Damage caused by malicious input such as SQL injection and cross-site scripting.
  • Not encrypting sensitive data.
  • Information disclosure and loss of sensitive data.

Points to be considered:

  • Latest OWASP guidelines
  • Multi-factor Authentication
  • Single Sign On (SSO)
  • Principle of Least Privilege
  • Transport and Message Level Security.
  • Usage of tool to identify vulnerability in the code.
  • Tools to monitor the issue.
  • Security Principles:
    • Don’t develop as admin
    • Don’t trust any input ever
    • Protect against buffer overruns
    • Protect against injections
    • Prevent cross origin access
    • Don’t require super user privileges
    • Don’t implement security codes
    • Limit your attack surface
    • Execute with least privileges
Please share this
Continue ReadingSecurity