From the course: Programming Foundations: Secure Coding
Join today to access over 24,800 courses taught by industry experts.
Internal data management issues
From the course: Programming Foundations: Secure Coding
Internal data management issues
- There are often many data points an application needs in order to operate successfully. These data points can be as simple as URLs and other resources and as complex as encryption keys. While this data is needed for applications to operate, in the wrong hands, they can be treacherous to a system. Let's start our discussion with a common use case and that is connecting to a remote service. Usually, to connect to a remote service, you need to store the URL of that service along with the credentials or tokens needed to consume that service. That information is needed by your application at runtime. Serving that data at runtime can be the challenge. The attack vector associated with this should be relatively straightforward. If you expose the data you need for your system to operate, the attacker can then use that same data to mimic you to your backend service. The attacker can then use the mimic behavior to manipulate the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
Error handling issues3m 21s
-
(Locked)
Logging and output issues4m 9s
-
(Locked)
Internal data management issues3m 9s
-
(Locked)
Configuration issues4m 29s
-
(Locked)
Database issues3m 51s
-
(Locked)
File and I/O issues3m 54s
-
(Locked)
Memory management issues4m 34s
-
(Locked)
Dependency issues2m 46s
-
(Locked)
-
-
-
-