![]() White-box testing (or static code analysis) should be employed in the very early stages of development. ![]() An important best practice is to carry out the security testing in the early stages of development, as opposed to traditional security testing, which is carried out in pre-production stage. ![]() Security testing strategyĮnd-to-end security testing: Secure design and coding guidelines should form the basis for application design and development. ![]() Network checks include port accessibility, protocol accessibility checks, and other security patch checks to ensure that the network infrastructure is not compromised. Any known vulnerability with the OS version or type will also be tested. Authentication checks, session and connection time-out checks, and remote command execution checks will be performed. Operating system checks include testing the OS hosting the application. Ethical hackers within the organization or an external security consulting team would be engaged for this testing. Testing these attack scenarios requires sophisticated tools and an intricate knowledge of application architecture, technological stack, and application code details. Vulnerability checks include various sophisticated security attacks such as denial of service (DoS), SQL injection attacks, brute force attacks, CSRF, XSS, and man-in-the-middle attacks. Security tests will be conducted to compromise session data by stealing session data or impersonating session or other means. Session management checks verify various aspects of a user session such as session management features, inactivity time-outs, session id encryption, session display information. Data and information security classification schemes will be tested. Security of the data transport layer will also be tested. Storage of sensitive data and encryption methods will also be tested. Information leakage checks test various error messages and log messages for accidental leakage of sensitive information. Other features such as impersonation, admin privileges, and escalation of privilege will also be tested. Īccess control checks verify the fine-grained security or authorization features such as role-based access to functionalities, user access rights, and compartmentalization of functionality.The tests are aimed at bypassing or compromising the authentication feature. Īuthentication checks, which test for user authentication policies such as password strength, password change process, and registration process and password management features.When you do this, attackers will be unable to reauthenticate using something such as OPENROWSET in addition, it reduces the possibility of sniffing passwords over the network, and can leverage the Windows operating system to enforce strong password and account controls. In SQL Server databases, consider exclusive use of Integrated Windows Authentication instead of the less secure SQL Server Authentication. Lastly, enable server auditing to monitor suspicious activity, especially failed logins. Attackers can leverage weakly protected accounts to reauthenticate to the database server and potentially elevate privilege. Additionally, you should enable password strength within the database server to prevent administrators from selecting weak passwords. You should review all database logins, and disable or delete those that are unnecessary, such as default accounts. Justin Clarke, in SQL Injection Attacks and Defense (Second Edition), 2012 Strengthen Controls Surrounding Authentication
0 Comments
Leave a Reply. |