Many security vulnerabilities threaten the integrity and confidentiality of data. Cross-site scripting allows hackers to inject code into user-input fields, granting unauthorized access.
Diminished data integrity means a lack of accuracy, authenticity, correctness, reasonableness, relevance and timeliness.
Third-party software
Software not made by the company that made the operating system
SQL injections
An SQL injection is similar to cross-site scripting, but the attacker uses SQL to gain access to information.
Cross-site scripting
Cross-site scripting is when a hacker injects code into a space for user input, making the website run it and giving the hacker access to whatever they want.
Social engineering
This is when a malicious actor pretends to be someone else or a company to gain access or get money from the victims.
Man-in-the-middle attacks
A man-in-the-middle attack is an attack that involves a fake Wi-Fi network that gives the attacker access to the data that goes in and out of the network.
Data breaches
A data breach is when a company's private data has been taken maliciously by hackers.
Controls
Penetration testing
To have either a third party or yourself check for any vulnerabilities within the solution.
Software auditing
To check the software's code for any possible back doors or malware, especially if the code is from the internet.
Software updates
To fix any bugs or weaknesses within the application that hackers could take advantage of
Encryption
Encryption makes readable data unreadable to the hacker, using specific methods such as symmetric encryption and hash encryption.
User authentication
User authentication is when a solution confirms that a person is who they claim to be, through usernames and passwords or biometrics.