
OWASP Vulnerabilities: Broken Authentication, Security Misconfiguration, Insufficient Logging & Monitoring


Added on  2022-12-16

About This Document

This article discusses the three OWASP vulnerabilities: Broken Authentication, Security Misconfiguration, and Insufficient Logging & Monitoring. It explains the vulnerabilities, their impact, and provides mitigation strategies to address them.

CASE STUDY WEB APPLICATION
Table of Contents
INTRODUCTION
MAIN BODY
    OWASP Vulnerability One: Broken Authentication
        Vulnerability
        Mitigation
    OWASP Vulnerability Two: Security Misconfiguration
        Vulnerability
        Mitigation
    OWASP Vulnerability Three: Insufficient Logging & Monitoring
        Vulnerability
        Mitigation
CONCLUSION
References
INTRODUCTION
OWASP stands for Open Web Application Security Project, which provides freely available
articles, tools, documentation, methodologies and technology in the domain of web application
security. It is managed by an online community that makes these resources available to
technical as well as non-technical people. It was founded on 2nd December, 2001 in the United
States and mainly focuses on web security, application security and vulnerability assessment.
It adopts methods such as industry standards, conferences and workshops (OWASP, 2019). It is
therefore necessary to learn about such technical issues in order to apply them in real-world
organizations. Hence, the following discussion covers three basic OWASP vulnerabilities,
namely broken authentication, security misconfiguration and insufficient logging and
monitoring, describing the vulnerability and the mitigation associated with each, with proper
findings and a conclusion.
MAIN BODY
OWASP Vulnerability One: Broken Authentication
Broken authentication is one of the OWASP vulnerabilities. It means that the authentication
required in the source code of the web application has not been made strong by the
administrator or the owner of the website. The consequence of not setting up strong
authentication is that any hacker can break such authentication and can use or misuse the
source code of the web application against the administrator, which is ethically or legally
wrong (Hassan, Nipa, Akter and Sharif, 2018). These flaws often take the form of an incorrect
implementation of the web application, which permits attackers to compromise session tokens,
keys and passwords, and to exploit other implementation flaws in order to assume the
identities of users either temporarily or permanently. Attackers acquire specialised skill in
hacking web applications, so they know how to gain access to many valid usernames and
passwords for credential stuffing, default administrative account lists, dictionary attack
tools and many more.
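
The two password-guessing patterns named above can be told apart in authentication logs. The following is an added example, not part of the original document: the log format, the 5-minute window and the threshold of 4 failures are assumptions, and the log lines are constructed sample data.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log (not real data): timestamp, source IP, username, result
SAMPLE_LOG = """\
2022-12-16T10:00:01 203.0.113.7 alice FAIL
2022-12-16T10:00:02 203.0.113.7 bob FAIL
2022-12-16T10:00:03 203.0.113.7 carol FAIL
2022-12-16T10:00:04 203.0.113.7 dave FAIL
2022-12-16T10:00:05 203.0.113.7 erin OK
2022-12-16T10:01:00 198.51.100.9 admin FAIL
2022-12-16T10:01:01 198.51.100.9 admin FAIL
2022-12-16T10:01:02 198.51.100.9 admin FAIL
2022-12-16T10:01:03 198.51.100.9 admin FAIL
2022-12-16T10:05:00 192.0.2.44 frank FAIL
"""

def parse(log_text):
    """Yield (timestamp, ip, user, ok) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3] == "OK"

def classify(log_text, window=timedelta(minutes=5), threshold=4):
    """Return {ip: label} for sources whose failures within one window reach the threshold."""
    failures = defaultdict(list)  # ip -> [(timestamp, user)] for failed logins only
    for ts, ip, user, ok in parse(log_text):
        if not ok:
            failures[ip].append((ts, user))
    findings = {}
    for ip, events in failures.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            in_window = [u for t, u in events[i:] if t - start <= window]
            if len(in_window) < threshold:
                continue
            # Many distinct usernames from one source: leaked pairs being replayed.
            # Repeated guesses against the same account: dictionary / brute force.
            distinct = len(set(in_window))
            findings[ip] = ("credential_stuffing" if distinct >= threshold
                            else "dictionary_attack")
            break
    return findings
```

In the sample, the successful login for `erin` straight after a run of failures from the same source is the event worth following up first, since it may be a reused password that worked.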