Day 11 #100cyberdays 🎯 

(𝐒𝐮𝐦𝐦𝐚𝐫𝐢𝐳𝐞 𝐨𝐟 𝐚 𝐰𝐡𝐢𝐭𝐞 𝐩𝐚𝐩𝐞𝐫)

👨‍💻 WEB APPLICATION SECURITY STRATEGY by EC-Council

🔴 This paper discusses the threat landscape described by owasp in the context of relevant application security principles, the need for security during the sdlc lifecycle, and novel methods for achieving it.

📌 Many businesses rely on web-based applications to conduct their operations and a security incident could lead to a massive loss. Hence,it is critical for organizations with a digital presence to prioritize web application security and invest in a robust information security architecture. Developers must thoroughly analyze the potential causes and effects of security breaches during the software development stage and fix vulnerabilities.

📕OWASP TOP 10 2021

The owasp (Open Web Application Security Project) Top 10 list represents the cybersecurity communityʼs consensus regarding the critical risks currently threatening the security of application architectures.

1️⃣ Client

2️⃣ Cryptographic Failures

3️⃣ Injection

4️⃣ Insecure Design

5️⃣ Security Misconfigurations

6️⃣ Vulnerable and Outdated Components

7️⃣ Identification and Authentication Failures

8️⃣ Software and Data Integrity Failures

9️⃣Security Logging and Monitoring Failures

🔟 Server-Side Request Forger

📌 IMPLEMENTING SECURITY DURING SDLC

✅ The DREAD Threat Model

✅ Increased Collaboration

✅ Developer Companion Framework

✅ Obfuscation Approach

✅ Security Expert Perspectives