Cryptographic failures
A reframed version of the OWASP category previously called "Sensitive Data Exposure," cryptographic failures is a broad but undeniably important category. It covers any leak or breach that occurs because of weak, misused, or missing encryption.
It should go without saying that encrypting data is fundamental to cybersecurity and to keeping attackers out, but that doesn't mean every company or individual encrypts their data properly.
While it may seem simple, data encryption is anything but. Data needs to be encrypted both at rest (in storage) and in transit (while being transferred). OWASP recommends that encryption be assessed against the application's threat model, because a given encryption scheme only protects against certain attacks and attack vectors.
Beyond this, OWASP offers an important reminder: sensitive information is easier to protect if it is never stored in the first place. Furthermore, while encryption is crucial, applications must be designed so that layered security remains in place even when an encryption solution or strategy fails.
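The "don't store it if you don't need it" advice above, as an added example that is not part of the original article or of OWASP's material. It contrasts persisting a checkout record verbatim with a minimized record that drops the CVV, keeps only the last four digits, and replaces the full card number with a keyed hash so duplicate cards can still be matched; the order fields and the lookup key are constructed for the demo.

```python
import hashlib
import hmac
import json

# Constructed sample: a checkout request as an application might receive it.
SAMPLE_ORDER = {
    "order_id": 1001,
    "email": "alice@example.com",
    "card_number": "4111111111111111",
    "cvv": "123",
    "amount": 42.50,
}


def persist(record):
    """Serialize a record the way a naive app would write it to a database or log."""
    return json.dumps(record)


def minimize_order(order, lookup_key):
    """Keep only what the business process needs before anything is persisted.

    - The CVV is never retained (card schemes forbid storing it after authorization).
    - The full card number is replaced by an HMAC-SHA256 fingerprint. Because a
      16-digit number is trivially brute-forced with a plain hash, the fingerprint
      is keyed; the key must live outside the database (a secrets manager or HSM)
      so that a dump of the table alone does not reveal card numbers.
    - The last four digits are kept for display in receipts and support tools.
    """
    pan = order["card_number"]
    fingerprint = hmac.new(lookup_key, pan.encode(), hashlib.sha256).hexdigest()
    return {
        "order_id": order["order_id"],
        "amount": order["amount"],
        "card_last4": pan[-4:],
        "card_fingerprint": fingerprint,
    }


def leaks_secret(stored_json, order):
    """Check whether a persisted record still exposes the raw card data."""
    record = json.loads(stored_json)
    return order["card_number"] in stored_json or "cvv" in record


if __name__ == "__main__":
    key = b"constructed-demo-key-not-for-production"
    print("naive record leaks card data:", leaks_secret(persist(SAMPLE_ORDER), SAMPLE_ORDER))
    print("minimized record leaks card data:",
          leaks_secret(persist(minimize_order(SAMPLE_ORDER, key)), SAMPLE_ORDER))
```

The minimized record still needs encryption at rest and in transit; minimization just shrinks what an attacker gains if that encryption fails, which is the layered-defense point made above.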