2021 OWASP Top Ten: Software and Data Integrity Failures

A new category for 2021, this risk focuses on making assumptions related to software updates, critical data, and CI/CD pipelines without verifying integrity. Software and data integrity failures relate to code and infrastructure that does not protect against integrity violations. An example of this is where an application relies upon plugins, libraries, or modules from untrusted sources, repositories, and content delivery networks (CDNs). An insecure CI/CD pipeline can introduce the potential for unauthorized access, malicious code, or system compromise. Lastly, many applications now include auto-update functionality, where updates are downloaded without sufficient integrity verification and applied to the previously trusted application. Attackers could potentially upload their own updates to be distributed and run on all installations. Another example is where objects or data are encoded or serialized into a structure that an attacker can see and modify, which leaves the application vulnerable to insecure deserialization.
#OWASPTOP10
Video 9 / 11
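
An added example, not part of the original video description or DevCentral's material: one way to protect serialized state that a client can see and modify, the last case described above. It serializes to JSON (a data-only format), attaches an HMAC-SHA256 tag, and verifies that tag before parsing; the key, function names and sample state are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key (assumption); in practice load it from a secret store.
SERVER_KEY = b"constructed-demo-key-not-for-production"


class IntegrityError(Exception):
    """Raised when a token is malformed or its tag does not verify."""


def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii")


def seal(state: dict, key: bytes = SERVER_KEY) -> str:
    """Serialize state as JSON and append an HMAC-SHA256 tag over the exact bytes."""
    payload = json.dumps(state, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return b64(payload) + "." + b64(tag)


def unseal(token: str, key: bytes = SERVER_KEY) -> dict:
    """Verify the tag first; parse the payload only if it is authentic."""
    try:
        payload_b64, tag_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError as exc:  # wrong number of parts or invalid base64
        raise IntegrityError("malformed token") from exc
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise IntegrityError("tag mismatch: payload was modified or key differs")
    return json.loads(payload)  # data-only format, no object construction


if __name__ == "__main__":
    token = seal({"user": "alice", "role": "viewer"})
    print(unseal(token))
    # Constructed modified token: payload changed, original tag kept.
    changed = b64(b'{"role":"admin","user":"alice"}') + "." + token.split(".")[1]
    try:
        unseal(changed)
    except IntegrityError as err:
        print("rejected:", err)
```

An HMAC gives integrity, not confidentiality: the client can still read the payload, so keep secrets out of it.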

DevCentral is an online community of technical peers dedicated to learning, exchanging ideas, and solving problems - together.

Comments

I have enjoyed the whole playlist of OWASP top ten. This + OWASP's description on their site actually provides a great understanding of those concepts. Everyone involved in IT should watch and read this imo. Thank you!

KapitanZbik

Amazing videos. Got a detailed understanding of the recent OWASP. Keep posting, loving the learning.

VyshfulThinking

Love these videos. Keep up the good work. You make a pretty dry topic very entertaining.

olaf

I don't get how this is different from vulnerable components.

Chagarumagala

Amazing video! But I have a question..
What is cd/ci pipeline?

taiiff