Application Exploits
Application exploits are a broad category of attack vectors that computer criminals use to target applications. There are many ways in which an attacker can target applications. Regardless of the path taken, if successful, the attacker can do harm to your business or organization. The resulting damage may range from minor impact to putting your company out of business. Depending on how the application has been designed, an application exploit may be easy to find or extremely difficult to pinpoint. With so much to consider, there needs to be a starting point. As such, OWASP lists the top 10 application security risks in 2017 as follows:
- Injection
- Broken authentication and session management
- Sensitive data exposure
- XML external entities (XXE)
- Broken access control
- Security misconfiguration
- Cross-site scripting (XSS)
- Insecure deserialization
- Using components with known vulnerabilities
- Insufficient logging and monitoring