What is Sensitive Data Exposure
The common flaw behind this vulnerability is not encrypting sensitive data. An attacker can sniff the data because of a weak cryptographic algorithm, a misconfigured application, or the use of plain HTTP instead of HTTPS…
How to protect sensitive data?
- Prevent the display of detailed internal error messages, including stack traces, messages containing database or table names, protocols, and other error codes, because these give an attacker clues about flaws in the application.
- Show the user a short, generic error message while logging the detailed error information to an internal log file.
- Encrypt all data in transit and at rest.
- Use secure protocols and strong algorithms. Weak algorithms are those that use a key size of less than 128 bits.
- Disable caching of responses that contain sensitive data.
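As an added illustration (example code written for this page, not part of the original post), the following Python sketch shows three of the controls above working together: a request wrapper that logs the full exception to an internal log but returns only a generic message plus a reference id to the caller, a helper that sets `Cache-Control: no-store` on responses carrying sensitive data, and the 128-bit key-size rule of thumb. The `Response` class, the `handle` wrapper and the failing `leaky_handler` are hypothetical names constructed for the example; the database error text is constructed to mimic a message that names a table.

```python
import logging
import traceback
import uuid
from dataclasses import dataclass, field


class _ListHandler(logging.Handler):
    """Constructed stand-in for an internal log file: keeps records in memory so the example runs offline."""

    def __init__(self):
        super().__init__()
        self.records = []

    def emit(self, record):
        self.records.append(self.format(record))


# Internal log: detailed error information goes here, never to the client.
internal_log = logging.getLogger("app.internal")
internal_log.setLevel(logging.ERROR)
internal_log.propagate = False
internal_records = _ListHandler()
internal_log.addHandler(internal_records)


@dataclass
class Response:
    status: int
    body: dict
    headers: dict = field(default_factory=dict)


def no_store_headers() -> dict:
    """Headers that stop browsers and intermediaries from caching a sensitive response."""
    return {"Cache-Control": "no-store", "Pragma": "no-cache"}


def safe_error_response(exc: Exception) -> Response:
    """Log the full traceback internally; the client sees only a generic message and a reference id."""
    ref = uuid.uuid4().hex[:12]
    detail = "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
    internal_log.error("ref=%s %s", ref, detail)
    return Response(500, {"error": "An internal error occurred.", "ref": ref}, no_store_headers())


def handle(fn, *args) -> Response:
    """Run a request handler; on failure never leak internals (stack trace, table names) to the caller."""
    try:
        return Response(200, fn(*args), no_store_headers())
    except Exception as exc:  # noqa: BLE001 - catch-all is intentional at the boundary
        return safe_error_response(exc)


def is_strong_cipher(key_bits: int) -> bool:
    """The post's rule of thumb: key sizes below 128 bits count as weak."""
    return key_bits >= 128


def leaky_handler(user_id: int) -> dict:
    # Constructed failure: mimics a database error whose message reveals a table name.
    raise RuntimeError("relation 'users_credentials' does not exist for user %d" % user_id)


if __name__ == "__main__":
    print(handle(leaky_handler, 7))          # generic body, no table name, no-store headers
    print(internal_records.records[-1][:80])  # the detail is only in the internal log
```

The reference id is the piece a support engineer uses to find the full record in the internal log, so the user-facing message stays short without losing the diagnostic detail.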
Read More:
https://electricenergyonline.com/energy/magazine/779/article/Security-Sessions-Exploring-Weak-Ciphers.htm
https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A3-Sensitive_Data_Exposure