Scribd
Upload
24 views19 pages

BC May2024 Mod11 Software Security

Uploaded by

mundr
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
24 views19 pages

BC May2024 Mod11 Software Security

Uploaded by

mundr
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 19

Mod 1: Cybersecurity Mod 2: Network Mod 3: Systems Mod 4: Security

Mod 5: Data Security


security
Awareness Discovery Hardening
hardening Architecture
architecture

Mod 16: Trends in Module lessons: Mod 6: Public Key


Cybersecurity 11 Software engineering Infrastructure
Security guidelines
Software vulnerabilities
Mod 15: Legal Mod 7: Identity
Considerations Management

Mod 14: Incident Mod:8


Mod 8: Network
Response Hardening

Mod 13: Physical Mod 12: Environment Mod 11: Software Mod: 10 Social
Mod 10:
Mod 9: Malware
Security Monitoring Security Engineering

MODULE 11: SOFTWARE SECURITY


SOFTWARE ENGINEERING

Software engineering is the principles by which


software is:
• Designed
• Developed
• Implemented
• Maintained

A structural approach ensures security is involved


throughout the entire lifecycle of a solution.
DISCUSSION

What kind of training do you have to undergo to become


a programmer today?

What type of testing is done on software?

Who coded the software you are using? Do you know the
source?
SOFTWARE DEVELOPMENT LIFE CYCLE

The SDLC is a series of phases used in software development.

The SDLC incorporate the following steps:

• Initiation
• Requirements analysis
• Concept development
• Planning
• Design
• Development
• Testing
• Implementation
• Operations
• Disposal
MATURITY LEVELS

Maturity level is part of the Capability Maturity


Model (CMM).

It defines the level of agility and effectiveness of the development of a


solution.

Maturity levels:

• Level 1
• Level 2
• Level 3
• Level 4
• Level 5
SECURITY GUIDELINES

• Several guidelines are applicable when developing and


implementing secure solutions:
• Change management
• Separation of duties
• Peer reviews
• Production and development teams
• Quality assurance
• Background checks on programmers
• Code escrow
• Vulnerabilities can be found at different layers of a
solution architecture—front-end, business logic, or
back-end:
• Buffer overflows
SOFTWARE • Database injection attacks

VULNERABILITIES • Cross-site scripting (XSS)


• Directory traversal
• Security misconfiguration
• Permissions issues
• Session hijacking
BUFFER OVERFLOWS

Normal operation Buffer overflow attack


• Buffer overflow is created when an Program memory stack Program memory stack

application is not secured with


Buffer Malicious code
boundary checks.
• Two possible results of a buffer Return address Return address
overflow:
• The application stops working.
• The memory state of the Program instruction Program instruction

application is changed.
DATABASE INJECTION
ATTACKS

• A database injection attack


introduces malicious bits to a back-
end system through a front-end
mechanism. Malformed string

• Countermeasures:
• Code review
• Web application firewalls
• Input sanitization
• Fuzz testing
CROSS-SITE SCRIPTING

A vulnerable web application allows


code injection through forms.

Code executes every time a new Malicious script


user connects to the page.
Sensitive information
Countermeasures: Web Attacker
Application
• Secure forms through security engine
(firewall or IDS). user
• Restrict running of scripts.
• Perform penetration testing and vulnerability
assessment.
• Configure web browser security to block
malicious script execution.
DIRECTORY TRAVERSAL

• A directory traversal vulnerability


allows an attacker to navigate outside
the website directory on the web
server.
• A directory traversal attack relies on a
malformed URL. Code in the URL is Web server

executed if the vulnerability exists


• Example:
Malformed URL:
• http://server.com/scripts/ http://server.com/scripts/..%5c../Windows/System32/
cmd.exe?/c+dir+c:\
..%5c../Windows/System32/
cmd.exe?/c+dir+c:\
• Patch servers to mitigate the issue, and
apply safe coding practices.
• Misconfiguration of servers increases likelihood of
SECURITY attack:
MISCONFIGURATION
PERMISSIONS ISSUES

• Define ACLs to secure directories


used by an application.
• Potential risk of information
disclosure through directory Admin account

browsing.
• Reduce privileges to decrease Access denied

exposure of system to hacking.


SESSION HIJACKING

• Session hijacking allows attackers to


take over an existing session.
• Two pieces of information need to
Session originator
be discovered:
Web server
• Session ID
• Session cookie
• Countermeasures:
• Session timeouts and resets
Attacker
• Unpredictable session IDs with no
reuse
• No persistent cookies
1. What are two characteristics of a buffer overflow
attack? (Select all correct answers.)
A. Uses a scripting environment
B. Can lead to application failure
C. Occurs when the code is secure
D. Can lead to privilege escalation
E. Affects back-end systems

MODULE REVIEW
2. Match each statement to the term it describes.
Automated application security testing A. Buffer overflow
Permission failure at the server level B. Cross-site scripting
Procedure to verify correct data entries into forms C. Fuzz testing
Client side attack D. Logical flaw
Exception generated in memory E. Input sanitization
Weakness that allows potential credential bypass F. Directory traversal
Process that documents the potential impact of G. Change management
Implementation of a product

MODULE REVIEW
3. How do you protect against cross-site scripting?

MODULE REVIEW
4. What is the fundamental principle of the software
development lifecycle?

MODULE REVIEW
5. True or false? A session ID can be found in a cookie.

MODULE REVIEW

You might also like