Web applications vulnerabilities and threats
•Download as PPTX, PDF•
0 likes•102 views
Web Applications Vulnerabilities and Threats
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Web applications vulnerabilities and threats
Similar to Web applications vulnerabilities and threats (20)
More from Prakash Poudel
More from Prakash Poudel (20)
Recently uploaded
Recently uploaded (20)
Web applications vulnerabilities and threats
- 1. Web Applications Vulnerabilities and Threats Presented by: Sabin Sharma
- 2. Introduction Web application security is the process of protecting websites and online services against different security threats that exploit vulnerabilities in an application's code. Data is being transmitted in huge number in daily basis globally. In the Age of Information Technology secure data plays various roles to grow every business if data is not secure. Business will lose the industrial values Web Application information security have become very much of a concern for safety of data and information.
- 3. Literature Review A. Dr. Ashish Adholiya “A Study on Cyber Security Practices and Tips Awareness among E- Banking Services Users” B. Distribution of exploits used by cybercriminals, by type of attacked application, Q2 2019 (Kaspersky Lab) 1.paper Based on the statistical outputs, it is obvious that public and private sector bank customers of Udaipur district are well- exposed to cyber threats and security issues and challenges and about their level of awareness for the common cyber-attacks threats in electronic banking is good for attacks through mass media, ATM malware intrusion, traditional card frauds, PC and mobile oriented banking attacks, theft of biometric data, ransomware, social engineering, and phishing. Android, Browser , Java attract , Office.
- 4. Encryptions Technique for web application TRIPLE EDS : In cryptography, Triple DES, officially the Triple Data Encryption Algorithm, is a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. RSA : RSA is a public key encryption algorithm and it is also the standard for the encrypting the data that is being sent over the internet. AES: It this key of 256 it is Advanced Encryption Standard which uses keys of 192 and 256 bits for encryption even though it is efficient in 128-bit form. SSL: Secure Sockets Layer, are cryptographic protocols designed to provide communications security over a computer network.
- 5. Poor Security Related to Web Server hardware Poor Configuration. Low Security Budget. Data lost in portable network. Control of all hardware and software connected to your network. Poor Alert System.
- 6. Cyber Security Focus Keeping the Bad Guys out Protecting your Internal Network Recovering from an Attack
- 7. Visualize Data Figures Web Attack (https://www.ptsecurity.com/)
- 8. Geography of malicious web-based attacks , Attack targets
- 9. Security Measures Use Secure Sockets Layer. Strong Firewall. Use Cross Key Checking and Encryptions. IT security auditing. Update programs regularly. Backup regularly. Educate Society.
- 10. Conclusion Web application security is one of the major in an organization because it will help to protect its confidentiality and prevent the unauthorized access. Use different encryption technique, Method of web app development , powerful hardware component, ISO Protect our application and provides robustness.
- 11. Thank You!
Editor's Notes
- As more devices become internet-enabled and accessible and the security measures in place continue to lag behind, the associated risks are on the rise. Aside from the obvious risks for attacks on consumer IoT devices, there is a growing threat against industrial and municipal IoT as well. As leading manufacturers and grid power producers transition to Industry 4.0, sufficient safeguards are lacking. Not only do these IoT devices run the risk of being used to attack others, but their vulnerabilities leave them open to being used against the industrial organizations operating critical infrastructure themselves. This can lead to theft of intellectual property, collecting competitive intelligence, and even the disruption or destruction of critical infrastructure. Not only is the potential scale of these attacks larger, most of these industrial firms do not have the skills in place to deal with web attacks in real-time, which can cause long-lasting, damaging results. This alone will become one of the greatest threats that countries and corporations need to brace themselves for in 2017 and beyond. There are plenty of "As-A- Service" attack capabilities on the Dark Web for hire now and we should expect creative new IoT hack services to pop up in the near future. As organizations adopt more effective strategies to defeat malware, attackers will shift their approach and start to use legitimate credentials and software - think physical insiders, credential theft, man-in-the-app. The increased targeting of social media and personal email bypasses many network defenses, like email scans and URL filters. The most dangerous aspect is how attackers manipulate victims with offers or threats that they would not want to present to an employer, like employment offers or illicit content. Defenders will begin to appreciate that inconsistent user behaviors are the most effective way to differentiate malware and insider threats from safe and acceptable content.