Broken Access Control Flashcards
(20 cards)
Name two organizations that publish common vulnerabilities
OWASP and CWE
What does OWASP stand for?
Open Worldwide Application Security Project
What does CWE stand for?
The Common Weakness Enumeration is a community-developed list of software and hardware weaknesses that helps in identifying vulnerabilities in software security.
What is Unit / Integration testing?
Testing methodology that exposes defects in the individual units of source code/interfaces and in the interactions between integrated components or systems.
What is Static Application Security Testing (SAST)?
A testing methodology that analyzes source code to find security vulnerabilities.
What is Software Composition Analysis (SCA)?
A methodology that analyzes applications for third-party and open-source software components to detect illegal, dangerous, or outdated code.
What is Dynamic Application Security Testing (DAST)?
A black/grey-box testing methodology that examines an application while it is running to find vulnerabilities.
What is a pentest?
A manual practice of testing a computer system, network, or web application to find security vulnerabilities.
What is the goal of software security?
To maintain the confidentiality, integrity, and availability of information resources.
What is the mentality of an attacker?
Any action not specifically denied is allowed
What principle should follow application access?
Least privilege: access should only be granted for specific capabilities, roles, or users.
When is access control effective?
Access control is only effective if enforced in trusted server-side code or serverless APIs, where the attacker cannot modify the access control checks or metadata.
If restrictions on what users can do are not properly enforced, attackers could:
View sensitive files
Access other users' accounts
Modify other users' data
Change access rights
Force browsing is a technique where attackers:
Attempt to access restricted pages by guessing their URL address.
DAST and SAST tools can be used to confirm the presence of properly implemented and functional access control.
False
Credential stuffing can be largely prevented by:
Rate limiting login attempts
Application access should follow the principle of:
Least privilege
Applications can be vulnerable to Access Control flaws if:
Checks can be circumvented by modifying a URL
Metadata can be manipulated
Users can act outside of their intended permissions
Access controls should be configured for “deny by default” on all resources
False
To detect potential credential stuffing, you should:
Log access control failures
Alert administrators to repeated login failures
Reuse access control mechanisms throughout the application