Software Vulnerabilities Part 2

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

35 hours 10 minutes
Video Transcription
Greetings and welcome back to Cy Berries Cop Tia Certified Advance security practice. There's certification
preparation course.
This is modern homosexuals. Title security, development.
These are the objectives which encompasses
margin number six.
In fact, we can continue our discussion of the very first objective, which is titled Understand and Apply Software Vulnerabilities.
Then this is section number one,
which again is a continuation from the previous video where we began the prices actually discussing the various software vulnerabilities. In fact, we had a pre assessment question in a very first section up Section one in the previous video
in this video, at a very conclusion, we will have a post assessment course done so without further ado. Let's begin by First are discussing the top 10 software on a realist for 2019
Buffer Overflow
directory. Trans versatile
failure to Protect Sensitive Data
Issuer Library Components and Independence ese
issue a Web service. An application program interface is
issue a blogger and too much or too little.
Call. Cross site Scripting is another big issue from 2019
missing a broken authentication,
missing a broken authorization, all other words access control
and then also number 10 sequel injection. So Let's begin by first of scuffing
what is a buffer? Overflow?
Buffalo flows among the most well known common software. Vulnerable is when you try to put something that's too big into memory that's too small, of course, unpredictable things. In fact, what happened? The most popular Web application? Other words. Job protects against this type of vulnerability.
And remember, the old floor occurs where more data are written to a buffer. Then it can hold. The excess debt has written to the adjacent memory, overriding the contents of that location and causing unpredictable results in the program.
Then we come to a term called directory Tran Verceles.
This type of vulnerably allows hackers to gain access to files and directors that aren't part of your website.
The attacker sit Miss sends a foul or directory request with the character sequence,
and it will happen, which points to the parent directory. This vulnerable is especially treacherous when combined with others, such as insecure storage of sensitive data.
Then we have failed to protect sensitive data.
Loss of commentary threatens customers temporary but loss off, since that data threatens customers for the rest of their lives and can have severe consequences for your particular business and mentally protected data in transit is hard, but at least you can use skull encryption on all the data at rest other words that had been stored,
then become the issues with library components and and also dependencies.
No one writes call from complete scratch. These days, all Monaco contains some existing code, whether in form of self contained modules or snippets bar from other cold, cold basis. But the convenience of code reuse comes with threats.
Nouveau numbers are discovered all the time. Mrs. Agnes can take over trusted components,
and if you know what's in your cold base, you can attack it or you can track it or you can fix it.
Then we come to Cole Reuse
when practice was security in mind. Colt we use is certainly a positive practice. For example, one a sub several team is required for. For example, a subroutine is a quiet for several aspects of our application. The subroutine was developed security, so there's little or no addict risk. However,
it one application Cho Hae book. However, Marja it is, was repurposed for the next version or for another application. Then this practice might skip the evaluation steps required in an induced new risks.
We also have resource exhausted,
basically, is that the now serves a technique that occurs when the resource necessary to perform in action are completely consume. This prevents require actions from taking place
resource exhausting attacks. Our computer security experts that crash bang otherwise interfere with target programs or systems.
They will come to issues with websites and application program interface, while the use of websites Web service. In other words, application program interface is exploding.
Application program in face. Security hasn't kept up with this growth
threat at this can sometimes access since the data directly via what we call unsecure service's or application programming interfaces. But what is this? It must also be sure to implement Weps Service and Application Program interface calls securely in their own mobile APs.
Otherwise, those advocates become another interface by which an attack it can access their systems.
That explains those two issues with log in too little or too much.
In this case, if you can control access to your long files, other words, the ones on your Web server to log in is a plus. Doing so in this case can help you to take an attack and a term in this scope and potential damage after the fact.
Then we come to cross site scripting. Now, this is a type of computer security vulnerability typically found in rap applications. In this case, when you have an ex s
attack a Web app cases sent with a script
that activates when it read by unsuspecting users browser or by an application that has not been protect itself against what we call cross site scripting.
We have also operates system fingerprinting operates system Fingerprint is the process of learning what operating system is running on a particular device. Now, for example, we have two types of passive operating system fingerprint. Then we have active operating system. Fingerprint with passive
fingerprint is the process of analyzing your package from the holes
on a network. In this case, the fingerprint access a sniffer and doesn't put any traffic on your network.
When you have an active operating system, fingerprint is a prices of transmitter package to a remote holes and analyzing the corresponding reply.
Then we come to cross site request forgery.
This is also known as X S f r
Ceasar for session running is an attack vector that tricks a Web browser into executing unwanted action in an application in which a user is logged in.
A successful attack of this nature can be obviously very devastating for both of business as well as a user. It can result in damage to the client relationship, unauthorized fund transfer change, password, data theft, including stolen session cookies.
Then we have missing a broken authentication. This is a process of verifying the identity of a person or device, a common examples in and a user name and power that when you log into a website now, there are three common fact issues for authentication. Something you know, such as your pants work,
something you have, such as you're smart car or something. You are such a your fingerprint on some other biometric type function
authorization. This case is a security making used to determine user or client privilege or access level. Relate to system resource, including your computer program. The files, the service says data and application feature
Access control is a way of lemon access to a system or to a physical or virtual type resource.
Number 10 is called a sequel injection This is a primary to four dead. My manager is databases. If you realize that if you don't realize that motor running a primary two for database that I manage within any system is a database,
if a database and the underlying our present do not have the proper security controls in place, what happened? Attacker can create quarries against the database that disclosed unauthorized information.
S grill allows course we configure in real time and passed to your database servers. So what goes into the application test? African security Go where? Beyond simply running a scanning to for critical or high value application or those that process or possess what we call sensitive data
Thorough test that may actually include a combination of several method
I'm inthe indicated. Automated scans. Blind penetration test is another way in for manual testing, authenticated automated scans, manual source, code review,
automated source, court scanning, automated binary analysis and also about manual binary analysis as well. Oddly, there are a number of different lot of tools like that nowadays can insist us in this endeavor. We have what we call the open Software Assurance maturity model, which is a freely available open source framework
that old man's this can used a building assess that software security programs.
We also have the open Web application security project.
Hawass basically is a worldwide not for profit organization, which focus on improving security of software. Sources of valuable resource is and where is listed here. We also have open source or low cost
application security scanners.
Let's not turn our ticket award this post assessment course before we conclude this particular section of this particular presentation.
And the question is as follows. You have just run a two that has identified the Target operating system as Microsoft Windows 10. What step has occurred is a port scanning be operates system fingerprinting, see foot pretty or D vulnerabilities. Canny.
If you sit like that, be you're absolutely correct because it's called operating system. Fingerprinting
is the correct response.
This brings us to a review for this particular section and is as follows
we have learned that the primary two for Data Mansion is a database. We also learned that Secret allows Cruise to be configured in real time and passed it out of the service. Also learned authentication is a process of verifying the didn't have a person device a common examples in the user name and password. When you're logged into a website
in our upcoming presentation, we re moving on this section two of this particular margin on the six where we discuss software development
look forward to seeing in the very next video.
Up Next