A03 – How to prevent
A04 – Insecure Design
A04 – How to implement
A05 – Security Misconfiguration
•Default accounts
•Default passwords
A05 – How to prevent
A06 – Vulnerable or Outdated components
A06 – How to prevent
A07 – Identification and Authentication failures
A07 – How to prevent
A08 – Software and Data Integrity failures
•Software and data integrity failures: code and infrastructure that do not protect against integrity violations
- SolarWinds 2020 attack
A08 – How to prevent
A09 – Security Logging and Monitoring Failures
•Insufficient logging
- Logins
- Failed Logins
- High value transactions
A09 – How to prevent
A10 – Server-Side Request Forgery (SSRF)
A10 – How to prevent