So here is my first of many Security articles to come although these will not be super technical, I do hope
that the readers will have a better understanding of security on the internet.
Why am I writing these articles since there are so many of them out there now as
it is? Of course I am in college studying for my Bachelors in Information Technology and Security that’s why.
Now on to the good stuff!
Today I am going to talk a bit about Web Applications and how secure they are. What are Web Applications?
We use them every day but most users don’t realize it. Users would only consider these as just websites. The days of static websites are gone and in with the ever growing popular web apps are in.
Want examples of Web Applications:
The question is do you the user who uses these websites know if the information you input such as login,
passwords, registration info, credit card numbers and other private information is safe and secure?
These are just not websites but Web Applications that allow user input. How do these Web Apps protect out private
and sensitive information? I do my banking online all the time and rely on my banks web app to protect my info.
Most people look for SSL Technology, certificates and Versign logos on the web pages to ensure the
customer that their information is secure. In fact, it is while in transit. The
problem is once it reaches the servers how do we know as users that are information is being kept safe. This may
leave you pondering now on just how safe is our information that is residing on
a server that may or may not become compromised by hackers due to vulnerabilities
in the web apps. It takes a lot of trust by us, users, to still buy online and pay your bills online.
There are many ways to bypass security on servers once your information has reached its destination. Some are
as easy as inputting a command in the web app. This is due to poorly developed web apps with security flaws in the code. Broken authentication, broken access controls, SQL injections, Cross-site scripting and information leakage are just
examples of vulnerabilities web developers manage to forget to protect our information against.
That’s it for now readers; I hope this was not too technical? I also hope you have gained a better understanding
of web application security. For more information on vulnerabilities just click the links I have provided in this article.