Three Risks Associated with the Web Vulnerability Scanners

Three Risks Associated with the Web Vulnerability Scanners

  1. SQL INJECTIONS VULNERABILITY : An attacker can use web vulnerability scanner to find sql injection loopholes in an organization. This vulnerability affects organizations where most transactions take place using web application with relational database as backend. The attacker usually try to structure the sql query as harmless user input and tries to gain access to system database. This can result data loss, data integrity violation and sometimes data theft.

  1. CROSS SITE SCRIPTING (XSS) VULNERABILITY:  There are various web scanners that can find out this vulnerability by analyzing organization`s website.This vulnerability usually  affects organizations where web applications is used to display content to end users. The attackers inserts malicious executable code in web page which can affect other users accessing that web page.

  1. AUTHENTICATION VULNERABILITY : This affects a large number of organizations as user authentication is an important aspect of client server interaction. This attack can have many form like session hijacking, brute force attack or exposure of sensitive passwords. This attack can let an attacker access and control the underlying system and carry out significant amount of damage.

Mitigation Strategy:

  1. Prevention Controls:User input should be sanitized before saving in the database. Web application should also remove any code or executable content that can run without proper authorization.Users should be informed about use of cookies, securing their session and sensitive authentication information. There should be a whitelist of allowable and safe content that can be stored in the database and all the other content should be discarded or considered unsafe.Use of web security framework can also lead to less security related incidents as web frameworks effectively handle large number of such cases.

Detection Controls:The administrator should keep checks in place for detection of malicious web attacks. Any sql or executable code which is unauthorized must be identified and discarded. Any session anomaly should be properly reported for potential attacks. Any unusual changes in the file systems or in the database should also be taken into account.In addition, user behaviours and common attack characteristics can also be used to identify potential attack situations. proper log file should be maintained and should be periodically analyzed by systems administrator to find out any hidden attack.

Leave a Reply

Your email address will not be published / Required fields are marked *