OWASP Top 10 2022 Introduction

1. Broken access control

2. Cryptographic failures

3. Injection

4. Insecure design

5. Security misconfiguration

6. Vulnerable and outdated components

7. Identification and authentication failures

8. Software and data integrity failures

9. Security logging and monitoring failures

10. Server-Side Request Forgery (SSRF)

1. Broken access control

Broken access control means the system's access-control checks are missing or flawed. Attackers can use these weaknesses to bypass security measures and obtain resources or data that should be restricted. Such weaknesses are usually caused by errors in the design or configuration of the application.

To prevent broken access control, developers and system administrators need to audit and test the access-control mechanism thoroughly, so that every permission check point in the application actually enforces what it is meant to. At the same time, access logs need to be monitored and analysed so that potential security threats are detected promptly.

Precautions:

1. Mandatory authentication: Establish a mandatory authentication mechanism so that only authenticated users can reach sensitive resources and data.

2. Fine-grained permission management: Define detailed permissions for each check point in the system, so that users can only reach the resources they are authorised for, while legitimate access is not wrongly blocked.

3. Auditing and monitoring: Monitor and audit the system's access logs to discover access-control weaknesses promptly, then fix and prevent them.

4. Design and testing: Consider the design of the access-control mechanism during system design and development, and perform code review and security testing to reduce the risk of access-control flaws.

5. Correctly configure security controls: Configure security controls properly at every layer (operating system, database, application) so that both external attacks and internal abuse are prevented.

6. Update and fix promptly: Once an access-control flaw is found, fix it promptly and update the system version so that security is maintained.
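The object-level check that precaution 2 describes, as an added example that is not part of the original article: a handler that trusts a client-supplied id beside one that denies by default and permits only the owner or an admin. The invoice records, the user roles and the log format are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    user_id: int
    role: str  # assumed roles: "user" or "admin"


# Constructed sample data: invoice id -> owner and contents.
INVOICES = {
    101: {"owner": 1, "amount": 120},
    102: {"owner": 2, "amount": 75},
}


def get_invoice_vulnerable(current: User, invoice_id: int) -> dict:
    """Broken: trusts the client-supplied id and never checks ownership,
    so any logged-in user can read any invoice by changing the id."""
    return INVOICES[invoice_id]


def can_access(current: User, invoice_id: int) -> bool:
    """Deny by default; permit only the owner or an admin."""
    record = INVOICES.get(invoice_id)
    if record is None:
        return False
    return current.role == "admin" or record["owner"] == current.user_id


def get_invoice(current: User, invoice_id: int) -> dict:
    """Fixed: the check runs server-side on every request. A missing record
    and a forbidden record raise the same error so responses do not reveal
    which ids exist."""
    if not can_access(current, invoice_id):
        raise PermissionError("invoice not accessible")
    return INVOICES[invoice_id]


def access_log_line(current: User, invoice_id: int) -> str:
    """One event per decision, so denials can be monitored (precaution 3)."""
    outcome = "ALLOW" if can_access(current, invoice_id) else "DENY"
    return f"user={current.user_id} role={current.role} invoice={invoice_id} {outcome}"
```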

2. Cryptographic failures

A cryptographic failure occurs when, because of implementation or configuration problems in the use of an encryption algorithm, the protection it was meant to provide is undermined and data can be stolen, tampered with or forged. Common examples include improper key management for symmetric algorithms, leakage of private keys in public-key algorithms, and the use of outdated or weak algorithms.

Precautions:

1. Use secure algorithms: Choose algorithms whose security is industry-recognised and proven (such as AES, RSA, etc.).

2. Configure the algorithm correctly: Configurable algorithms need appropriate settings, including key generation and management, algorithm parameters and initialisation-vector generation.

3. Key management: Protect the confidentiality, integrity and availability of keys, for example by protecting them with strong passwords and using secure storage and transmission methods.

4. Rotate algorithms and keys regularly: Algorithms and keys that have been in use for a long time may be broken. Update them regularly to keep the mechanism secure.

5. Security audit: Audit the cryptographic implementation comprehensively to confirm that the measures as actually implemented achieve their intended goals.

6. Strengthen training: Give staff security training to raise awareness and reduce cryptographic failures caused by human negligence.

3. Injection

SQL injection is a common security vulnerability: an attacker constructs malicious SQL statements that trick the application into executing operations it did not intend (such as deleting or modifying data), thereby obtaining sensitive data or taking control of the database. Injection more broadly includes SQL injection, command injection, CRLF injection, LDAP injection and others.

Precautions:

1. Write secure SQL statements: Use secure coding methods such as parameter binding and avoid splicing SQL strings together dynamically, which is what makes SQL injection possible.

2. Filter input: Validate and filter user-supplied data sensibly, using regular expressions, filter functions, escaping and similar methods.

3. Avoid misinterpretation of input characters: Reduce the chance that user-supplied characters such as ";" or "--" are treated as part of an executable SQL statement.

4. Restrict user permissions: Limit each user's access so that they can only reach the data and operations they actually need.

5. Encrypt sensitive information: Encrypt sensitive data so that it stays protected inside the database.

6. Update and maintain: Update and maintain web applications regularly so that internal and external vulnerabilities are fixed promptly and system security improves.

7. Monitoring and log management: Enable security auditing, check logs and monitoring data regularly, and detect and investigate attacks such as SQL injection.
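Precautions 1 and 2 side by side, as an added example that is not from the original article: a lookup built by string splicing beside the same lookup with parameter binding, run against a constructed in-memory SQLite table, plus an allowlist check on the input's shape. The table, rows and username rule are assumptions for the example.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed in-memory table with two sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "a-secret"), ("bob", "b-secret")])
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """Broken: the user value is spliced into the SQL text, so quote
    characters in the input change the statement's structure."""
    sql = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    """Fixed: the value is bound as a parameter (precaution 1); the database
    treats it as data, never as SQL."""
    return conn.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()


def valid_username(name: str) -> bool:
    """Defence in depth (precaution 2): allowlist the expected shape instead
    of trying to blocklist characters such as ';' or '--'."""
    return name.isascii() and name.isalnum() and 1 <= len(name) <= 32
```

With a quote-breaking input the spliced query returns every row, while the bound query returns none and the shape check rejects the input outright.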

4. Insecure design

An insecure design leaves the entire system open to attack because security was not considered when it was designed. Typical examples are security issues that were never considered in data-flow diagrams, data models or system designs. Attackers may exploit design flaws to bypass access controls, or attack directly by manipulating inputs to deceive or disrupt the program's behaviour. For example, a website that stores user passwords in plain text, or stores weak passwords in encrypted form, is an insecure design.

Precautions:

1. Security design principles: Follow secure design principles from the very start of system design, such as exposing as little system information as possible and applying the principle of least privilege, to ensure the design is secure.

2. Security assessment: Assess and test existing system designs to find weaknesses and hidden risks, and fix them with appropriate methods.

3. Follow industry standards: Refer to industry standards such as the OWASP guidelines or the NIST framework, which provide best practices for planning and designing secure systems.

4. Secure coding practices: Create a secure development life cycle so that developers have best practices and tools, such as secure coding guidelines, secure code review procedures and code scanners.

5. Security training: Train all staff in security topics, including the business interfaces used in product development, access-rights management, encryption specifications and vulnerability-scanning precautions.

6. Continuous inspection: Once the system is running, study its operation regularly and monitor continuously for new vulnerabilities. This usually involves vulnerability-scanning tools and simulated white-hat attacks, to make sure no part of the system is exposed and easy to attack.

5. Security misconfiguration

Security misconfiguration is usually caused by improper configuration, incorrect settings or missing security updates that leave the system vulnerable. Attackers may exploit these weaknesses in various ways, such as access-control errors, insecure caching, permission misconfiguration, functional failure, code obfuscation and vulnerability exploitation.

Precautions:

1. Learn best practices: Study the hardening guides for the operating system, application or service in use; they give detailed security settings for that specific platform.

2. Configure to security standards: Configure the system according to the relevant security standards or compliance regulations, and at minimum use reliable encryption algorithms, key-expiry policies, and so on.

3. Review and monitor configuration files: Review and monitor configuration files regularly to protect sensitive information and prevent unwanted configuration changes, especially for trusted configuration files, databases and applications.

4. Security updates and maintenance: Install all necessary security updates and patches, and upgrade software versions.

5. Encrypt data in transit: Use protocol encryption, VPNs and similar technologies to protect data while it is being transmitted.

6. Strengthen access control: Strengthen the management of system access control, including authentication and authorisation for sensitive content, and restrict access to and modification of protected data.

7. Strengthen log management: Audit administrator operations, defend against password brute-forcing, watch console error logs in real time, and guard against privileged access and network intrusion.

8. Visitors and new users: Visitors and new users must be authenticated and assigned permissions before they gain access, with their access level authorised explicitly, which effectively prevents or reduces security misconfiguration.

6. Vulnerable and outdated components

Vulnerable and outdated components, such as operating systems, applications, frameworks, libraries and modules, have known vulnerabilities and weaknesses that attackers may exploit to compromise the system. Software vendors regularly release security updates to patch these vulnerabilities, so keeping components up to date is very important.

Precautions:

1. Continuous updates: Update system components such as operating systems, applications, frameworks, libraries and modules promptly and keep them current, especially for security-related updates.

2. Component audit: Review the security of third-party components and reconsider any use of outdated ones. Prefer components from vendors with a good reputation, reliable quality and established brands.

3. Remediate vulnerabilities in installed components: Review the vulnerability information for installed components carefully, and take appropriate measures for known high-risk vulnerabilities, such as disabling the component or upgrading to a specific version.

4. Log classification and backup: Enable log auditing and centralised stream processing, classify log types, monitor audit logs in real time, audit users or behaviour that do not meet security specifications, and back up tokens, keys and other material from components being decommissioned during the upgrade process.

5. Monitoring and inspection: Use vulnerability-scanning tools to monitor installed components, look for vulnerable ones, and remediate them promptly to eliminate the security threat.

6. Inventory all components: Create and maintain a list of all installed components so that each one and its maintenance status can be tracked; include the developer name and version of each component and information about its known vulnerabilities.
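Precaution 6 turned into a check, as an added example that is not from the original article: each entry in a component inventory is compared against advisory version ranges, with versions compared numerically rather than as strings. The inventory, the advisories and their ids are constructed placeholders, and the version format (numeric dotted) is an assumption.

```python
from typing import List, Tuple


def parse_version(v: str) -> Tuple[int, ...]:
    """'1.2.10' -> (1, 2, 10). Numeric dotted versions only (assumption);
    comparing as strings would wrongly rank '1.2.10' below '1.2.9'."""
    return tuple(int(part) for part in v.split("."))


# Constructed inventory: (component, installed version, vendor).
INVENTORY = [
    ("libfoo", "1.2.3", "Foo Inc"),
    ("webframework", "4.1.0", "WF Project"),
    ("libbar", "2.0.9", "Bar Ltd"),
]

# Constructed advisories: (component, first affected, first fixed, id).
# The ids are placeholders, not real advisory identifiers.
ADVISORIES = [
    ("libfoo", "1.0.0", "1.2.4", "ADVISORY-PLACEHOLDER-1"),
    ("libbar", "2.0.0", "2.0.9", "ADVISORY-PLACEHOLDER-2"),
]


def is_affected(name: str, version: str, advisory: tuple) -> bool:
    """Affected when first_bad <= installed < first_fixed."""
    comp, first_bad, first_fixed, _ = advisory
    return (comp == name
            and parse_version(first_bad) <= parse_version(version)
            < parse_version(first_fixed))


def audit_inventory(inventory: list, advisories: list) -> List[dict]:
    """Cross-check every installed component against every advisory and
    return the findings with the version that closes each one."""
    findings = []
    for name, version, vendor in inventory:
        for adv in advisories:
            if is_affected(name, version, adv):
                findings.append({"component": name, "vendor": vendor,
                                 "installed": version, "advisory": adv[3],
                                 "fixed_in": adv[2]})
    return findings
```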

7. Identification and authentication failures

Authentication is the process of confirming the identity of the users who access an application. Once an identity is authenticated, the application maps it to a specific user account or role to grant the required access. If authentication and authorisation fail, attackers may enter the system, perform operations they should not, or even obtain sensitive information.

Precautions:

1. Design and implement a strong password policy: Require users to create complex, hard-to-guess passwords, and store them using methods such as encryption and hashing so that attackers cannot easily recover password information by malicious means.

2. Implement multi-factor authentication: Multi-factor authentication increases system security. For example, in addition to a username and password, the login also requires a one-time password or an SMS verification code.

3. Multi-role management: Give each role different permissions and access scope according to the user's role. Critical data and system operations should be restricted to the minimum number of people who need access.

4. Internal system monitoring: Enable reverse proxies where possible, monitor threats and unusual unknown traffic, and use security information and event management (SIEM) systems, unified log management (ULM) and similar tools to monitor access from clients and internal users.

5. Control access rights: Reduce the risk of attack by controlling when users may access the system and avoiding unusual time periods and IP ranges. Do not run test-environment applications on production servers. Use tools such as content delivery networks (CDNs) and load balancers to help fend off attacks.

6. Handle error responses carefully: When an interaction fails, such as an email subscription, a password reset or a payment, give a generic error response. Error-handling details must not be sent straight to the web page, where they could expose information to an attacker.

7. Restrict command execution permissions: Prevent malicious users from executing operations by prohibiting or restricting the execution of operating-system commands by non-administrator users on production servers.
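An added example, not from the original article, covering the password-storage point raised in the cryptographic-failures section (weak algorithms), the insecure-design section (plain-text passwords) and precautions 1 and 6 here: an unsalted fast hash beside a salted memory-hard KDF, and a login that returns the same generic response for an unknown user and a wrong password. The credential store and scrypt parameters are constructed for the example; only the standard library is used.

```python
import hashlib
import hmac
import secrets

SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, dklen=32)  # assumed work factor


def hash_password_weak(password: str) -> str:
    """Broken: fast, unsalted hash. Equal passwords give equal digests and
    precomputed tables or GPU brute force recover them quickly."""
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password: str) -> str:
    """Fixed: per-user random salt and a memory-hard KDF (scrypt).
    Stored form: scrypt$<salt hex>$<key hex>."""
    salt = secrets.token_bytes(16)
    key = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)
    return f"scrypt${salt.hex()}${key.hex()}"


def verify_password(password: str, stored: str) -> bool:
    algo, salt_hex, key_hex = stored.split("$")
    if algo != "scrypt":
        return False
    key = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                         **SCRYPT_PARAMS)
    # constant-time comparison: does not leak how many bytes matched
    return hmac.compare_digest(key, bytes.fromhex(key_hex))


# Constructed credential store: username -> stored hash.
USERS = {"alice": hash_password("correct horse battery staple")}
# Verified against when the user is unknown, so that path costs the same time.
DUMMY_HASH = hash_password("not-a-real-user")


def login(username: str, password: str) -> str:
    """Generic response for both an unknown user and a wrong password
    (precaution 6), so the reply does not reveal which usernames exist."""
    stored = USERS.get(username)
    matched = verify_password(password, stored if stored is not None else DUMMY_HASH)
    if stored is not None and matched:
        return "ok"
    return "invalid username or password"
```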

8. Software and data integrity failures

Software and data integrity failures refer to malicious tampering, deletion or destruction of software and data by unauthorised people or programs, undermining the availability and security of the system. Such failures are usually caused by a lack of appropriate safeguards, such as missing data backups or missing audit trails.

This is a new category covering code and infrastructure that assume the integrity of software updates, critical data and CI/CD pipelines without verifying it. An example is an application that uses extensions, modules or repositories from a content delivery network (CDN) or from untrusted sources. An unprotected continuous integration/continuous delivery (CI/CD) process increases the risk of malicious code, system compromise or unauthorised access.

Precautions:

1. Data backup: Back up data periodically so that it is safe and can be restored. The backups may be used to restore or recreate the data, and restore tests are performed frequently to ensure a 100% success rate.

2. Access control: Strengthen application access control and permission management so that only authorised users can access and modify data.

3. Data encryption: Encrypt sensitive data and ensure access is authorised. Encryption must be used both on disk and in network transmission. It can be achieved with symmetric encryption, asymmetric encryption, hashing and signatures.

4. Audit: Record user changes to the system, such as data deletion or modification. Audit this data in real time to know who performed which operations, so that data integrity and security are maintained.

5. Software updates: Use automatic or manual update mechanisms to keep software current and fix problems promptly. At the same time, urge users to install all security updates and patches so that application integrity is maintained.

6. Continuous monitoring: Continuously monitor data and systems with security tools such as intrusion detection systems and threat-intelligence systems, to detect and defend against attack trends promptly.

7. Implement audits: Regularly audit the full scope of data assets, clean and organise the data, and remove unnecessary parts.
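The verification step that this section says is missing when updates from a CDN or repository are trusted as-is, as an added example that is not from the original article: a release-side signed manifest that records the artifact's SHA-256, and a consumer that checks the signature and then the digest before using the bytes. The artifact and the manifest key are constructed here, and HMAC stands in for the publisher's signature; only the standard library is used.

```python
import hashlib
import hmac
import json
import secrets

# Constructed: the signing key would live only in the release pipeline, not
# with consumers. HMAC stands in here for the publisher's signature.
MANIFEST_KEY = secrets.token_bytes(32)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _canonical(body: dict) -> bytes:
    """Stable serialisation so the signature covers exactly one byte form."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(artifact: bytes, name: str) -> dict:
    """Release side: record the artifact's SHA-256 and sign the manifest."""
    body = {"name": name, "sha256": sha256_hex(artifact)}
    sig = hmac.new(MANIFEST_KEY, _canonical(body), "sha256").hexdigest()
    return {"body": body, "sig": sig}


def load_unverified(artifact: bytes, manifest: dict) -> bytes:
    """Broken: the failure mode the text describes; whatever arrived from
    the CDN or repository is trusted as-is."""
    return artifact


def verify_and_load(artifact: bytes, manifest: dict) -> bytes:
    """Fixed: check the manifest signature first, then the artifact digest,
    and only then hand the bytes onward. Either failure rejects."""
    expected = hmac.new(MANIFEST_KEY, _canonical(manifest["body"]),
                        "sha256").hexdigest()
    if not hmac.compare_digest(expected, manifest["sig"]):
        raise ValueError("manifest signature mismatch")
    if not hmac.compare_digest(sha256_hex(artifact), manifest["body"]["sha256"]):
        raise ValueError("artifact digest mismatch")
    return artifact


def is_trusted(artifact: bytes, manifest: dict) -> bool:
    try:
        verify_and_load(artifact, manifest)
        return True
    except ValueError:
        return False
```

A tampered artifact fails the digest check, and a manifest whose digest was rewritten to match the tampered bytes fails the signature check.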

9. Security logging and monitoring failures

Security logging and monitoring failures are usually caused by issues such as incorrect configuration, failure to update security log monitors promptly, or detection that takes too long. They can mean that security incidents are not detected and responded to in time, which increases the risk to the system.

Without tracking of suspicious behaviour and events, the unmonitored time span widens and breaches go unnoticed for longer than they would with better logging. This OWASP Top 10 2021 category is meant to help identify, escalate and resolve recent breaches. Without logging and monitoring, detecting a security breach would be impossible.

Precautions:

1. Proper configuration: Configure security logging and monitors correctly, including storage locations and backup strategies. Protect the record of system and user interactions, and apply encryption and integrity protection to the logs.

2. Timely updates: Update both security log recording and monitors in time to keep monitoring effective. System administrators should frequently update monitoring systems, loggers and related tools to address integrity and availability issues.

3. Automatic alerting: Set up automatic alert and notification policies and the departments to notify, so that security incidents are detected promptly, the relevant staff respond, threats are prevented proactively, and the protection of personal data improves.

4. Auditing: Periodically verify the data held in loggers and integrate governance oversight tools regularly. Eliminate threats through personnel review, and promptly detect and prevent unauthorised interactions.

5. Retention period: Keep security-log retention short, no more than one month, because on average within one month the losses easily caused by data loss and recovery are much higher than those caused by general security problems.

6. Tool integration: Use intrusion detection systems, traffic-analysis tools, guidance systems and other related tools to make log monitoring and management more systematic, practical and secure.
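Precaution 3 as detection logic, as an added example that is not from the original article: a sliding window over authentication log lines that raises one alert when a single source address accumulates repeated failures within a short period. The log format, the sample lines (with one deliberately malformed line) and the threshold are constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in an assumed format:
# "<ISO timestamp> auth <OK|FAIL> user=<name> ip=<address>"
SAMPLE_LOG = """\
2024-01-01T10:00:01 auth FAIL user=alice ip=203.0.113.5
2024-01-01T10:00:03 auth FAIL user=alice ip=203.0.113.5
2024-01-01T10:00:04 auth FAIL user=bob ip=203.0.113.5
2024-01-01T10:00:06 auth FAIL user=carol ip=203.0.113.5
2024-01-01T10:00:07 auth FAIL user=dave ip=203.0.113.5
2024-01-01T10:00:09 auth OK user=alice ip=198.51.100.7
2024-01-01T10:30:00 auth FAIL user=erin ip=198.51.100.7
garbage line that does not match
"""

LINE_RE = re.compile(r"^(\S+) auth (OK|FAIL) user=(\S+) ip=(\S+)$")


def parse_line(line: str):
    """Return (timestamp, result, user, ip) or None for unparseable lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts, result, user, ip = m.groups()
    return datetime.fromisoformat(ts), result, user, ip


def detect_bruteforce(log_text: str, threshold: int = 5,
                      window: timedelta = timedelta(seconds=60)) -> dict:
    """Sliding window of failures per source address. Returns
    {"alerts": [...], "unparsed": n}; unparsed lines are counted rather
    than dropped silently, since a sudden rise in them is itself a signal."""
    recent = defaultdict(list)   # ip -> [(ts, user), ...] within the window
    alerts, alerted, unparsed = [], set(), 0
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            unparsed += 1
            continue
        ts, result, user, ip = parsed
        if result != "FAIL":
            continue
        q = recent[ip]
        q.append((ts, user))
        while q and ts - q[0][0] > window:
            q.pop(0)
        if len(q) >= threshold and ip not in alerted:
            alerted.add(ip)
            alerts.append({"ip": ip, "since": q[0][0].isoformat(),
                           "failures": len(q),
                           "users": sorted({u for _, u in q})})
    return {"alerts": alerts, "unparsed": unparsed}
```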

10. Server-Side Request Forgery (SSRF)

Server-side request forgery (SSRF) is a type of network attack in which the attacker abuses server functionality to make the server fetch data from external networks, or even to attack systems on the target's own internal network. Common SSRF techniques include network scanning, port scanning, having the server's parsers include files, and reading file contents on the server. Once an SSRF attack succeeds, sensitive information such as confidential data may be leaked, affecting the business.

Precautions:

1. Check and limit the parameters passed in by the client, so that users cannot supply control parameters that point the server at external sites; this is the first line of defence.

2. Limit the scope of outbound requests: restrict and standardise the method, protocol, port number and other parameters the server uses when a client asks it to reach an external network, which sharply reduces the attack surface.

3. Use an allowlist so that only the modules that genuinely need to call external services can reach the external network, eliminating the risk of attackers using other services for access or connection attacks.

4. Strengthen firewall capabilities: deploy firewalls on the corporate intranet and use firewall products or services that are robust and fast.

5. Restrict traffic between the internal and external networks, isolate network segments, standardise the data sources applications may use, and raise the level of network protection.

6. Raise security awareness overall, manage and audit users and operators, and hold regular security drills with suitable, supportive test methods to reduce human error and omission.
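Precautions 1 to 3 as one outbound-request guard, as an added example that is not from the original article: the scheme, port and host are allowlisted, userinfo tricks are refused, and literal non-routable addresses are rejected before any request is made. The allowlists are constructed placeholders; the resolved-address check at connect time is described in a comment but not implemented, since it needs DNS.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlists: only these destinations may be fetched by the server.
ALLOWED_SCHEMES = {"https"}
ALLOWED_HOSTS = {"api.example.com", "cdn.example.com"}
ALLOWED_PORTS = {443}


def is_internal_address(host: str) -> bool:
    """True when host is a literal IP that is not globally routable
    (private, loopback, link-local, reserved). Hostnames return False
    and are judged by the allowlist instead."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False
    return not addr.is_global


def check_outbound_url(url: str) -> tuple:
    """Returns (allowed, reason). Deny by default; each rule maps to one of
    the precautions above (scheme/port limits, host allowlist, no internal
    targets). The resolved address must be checked again at connect time
    (not shown: it needs DNS), or an allowlisted name could point inward."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if parts.username or parts.password:
        return False, "userinfo in URL not allowed"
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return False, "missing host"
    try:
        port = parts.port or 443
    except ValueError:
        return False, "malformed port"
    if port not in ALLOWED_PORTS:
        return False, "port not allowed"
    if is_internal_address(host):
        return False, "internal address not allowed"
    if host not in ALLOWED_HOSTS:
        return False, "host not in allowlist"
    return True, "ok"
```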

Source: blog.csdn.net/2301_77285187/article/details/130952353