Security Misconfigurations
Understanding and Mitigating Security Misconfiguration Risks
Prevent Security MisconfigurationsTable of Contents
What is security misconfigurations?
Security misconfigurations is #6 on the latest (2017) OWASP Top 10 list. This vulnerability can occur at any level of an application stack, including network services, platform, web server, application server, database, frameworks, custom code, pre-installed virtual machines, containers, and storage. Security misconfiguration can stem from the failure to implement all of the security controls for a server or web application, or from implementing security controls in a way that introduces errors. It can also occur when defaults are used for security settings.
Security misconfiguration flaws give attackers unauthorized access to system data and functionality. Occasionally, such flaws can lead to severe consequences; for example, a complete system compromise. The business impact can be great or small depending on the protection needs of the application and data.
Contrast is the clear customers’ choice
Contrast is named a Customers’ Choice in the 2021 Gartner Peer Insights “Voice of the Customer”: Application Security Testing report. With the highest percentage of 5-star ratings, this is the third consecutive year Contrast has received this powerful endorsement from customers.
Built for Developers. Trusted by Security.
Learn Secure Code
CROSS SITE SCRIPTING (XSS)
Learn about Cross site scripting (XSS) and how it affects your Java source code
SQL INJECTION
Learn about SWL injection and how it affects your Java source code
CLIENT SIDE INJECTION
Learn about client-side injection and how it can affect your source code