Risk assessment (often called risk analysis) is perhaps the most difficult part of implementing ISO 27001, but at the same time, risk assessment (and its processing) is the most important step at the beginning of your information security project – it establishes the basis for information security in your company. The question is – why […]
Privilege escalation is that attack in which an attacker exploits a software bug to gain access to a resource that is usually protected by the application or user, which leads to a change in privileges for malicious actions that are carried out with greater privileges than expected application developer and system administrator. Known attacks of […]
What does mean by Security Misconfigurations ? Security Misconfigurations arises when maintaining security settings are the default, Security misconfigurations can happen at any level of an application stack, including the platform, web server, application server, database, framework, and custom code.Security misconfigurations vulnerabilities could occur if a component is vulnerable to attack due to an insecure […]
what is Broken Access Control ? Broken access control is a very common and very vulnerable vulnerability. Many sites have the potential to accidentally provide access to unauthorized visitors who just cut out a URL that seems to be unsafe and paste it into a browser. Description Access control, sometimes called authorization, is how a […]
What does mean by “Components With Known Vulnerabilities” ? Web services often include a component with a known security vulnerability. When this happens, it falls into this category, no matter which component is vulnerable, which makes it a very frequent discovery. A component with a known vulnerability may be the operating system itself,the Content Management […]