Access And Controls Exploitation

As web applications grow in complexity and value, so do the security controls required to ensure that the confidentiality, integrity, and availability of the systems and data are not compromised. Due to the lack of time, resources, skills, or security awareness of administrators and developers, these security controls are often not implemented correctly.

Many web applications expose information that may seem trivial to a developer or administrator, but is often quite useful to an attacker. An example that you've already seen is the web server and module versions being disclosed through the HTTP headers. This may initially seem trivial, but to an attacker this may provide enough information to compromise your web server. Sensitive information leakage, therefore, needs to be minimized to ensure the security of the web service and application.

Many of these vulnerabilities are able to be picked up by using web application vulnerability scanners, such as Paros and Nikto, and to some degree, Nessus.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook

Post a comment