From the course: CCSK Cert Prep: 2 Infrastructure Security for Cloud


Common application attacks



- [Instructor] The first step in hardening cloud-based applications is to recognize prevalent risks. Periodic network, host, and application vulnerability assessments and penetration tests can help in identifying weaknesses. The OWASP Top 10, where OWASP stands for the Open Web Application Security Project, is a list of the top 10 most common web application attacks and mitigations to protect against those attacks. The OWASP Top 10 is updated every few years. So it consists of injection attacks, such as by having web forms on a site that are not properly validated, allowing attackers, thus, to put in statements that might retrieve sensitive information from a database; broken authentication to a web application; sensitive data exposure; the use of XML external entities. If a web developer uses some kind of an XML processor software component that isn't secured, it can be used to reveal sensitive information such as files in the…
