Web Application Vulnerabilities.

Kevin Curran, Stephen McNally

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

Abstract

In the digital age, web applications have become a staple of our daily lives due to their convenience and efficiency. They are our main means of communicating, carrying out transactions and accessing information. Given their capabilities, we have become reliant on them for our day-to-day tasks. Although this is not inherently bad, it has become clear that web application security is paramount for online use, particularly among businesses and organisations. Web application security is the practice of protecting websites, applications, and APIs from attacks. This form of security aims to ensure that web applications function smoothly and remain unhindered by cyber vandalism, data theft, and other malicious attacks. This report will explore the top three vulnerabilities highlighted by the most recent OWASP Top Ten vulnerabilities report, last updated in 2021. These vulnerabilities include broken access control, cryptography failures and injection attacks. Moreover, each section will highlight how these security techniques defend, how they can be exploited and what measures developers can take to better defend web applications. The paper addresses the future of web application security in the context of emerging technologies such as artificial intelligence (AI) and machine learning. It speculates on how these technologies might be integrated into security strategies to enhance threat detection and response capabilities. The concept of DevSecOps is introduced as an evolutionary approach to integrate security into the development process of web applications, emphasizing the shift towards proactive security practices. In conclusion, the paper highlights the critical nature of web application security in the digital age. It provides a detailed examination of the most pressing vulnerabilities and offers guidance on implementing effective security measures. The aim is to equip developers, security professionals, and organizations with the knowledge and tools necessary to build and maintain secure web applications, ultimately protecting them from the evolving landscape of cyber threats.
Original language: English
Title of host publication: 8th International Symposium on Computer Science and Intelligent Control (ISCSIC 2024)
Number of pages: 8
Publication status: Accepted/In press - 27 Sept 2024
Event: 2024 8th International Symposium on Computer Science and Intelligent Control - Zhengzhou, China
Duration: 6 Sept 2024 to 8 Sept 2024
https://www.iscsic.org/

Conference

Conference: 2024 8th International Symposium on Computer Science and Intelligent Control
Abbreviated title: ISCSIC 2024
Country/Territory: China
City: Zhengzhou
Period: 6/09/24 to 8/09/24
Data Access Statement

No data information on record

Keywords

  • cybersecurity
  • Web and internet services
  • security
  • Web application security
  • OWASP
  • Access Control
