
Security Misconfiguration

Discover the impact of security misconfigurations on web apps. Learn strategies to prevent common errors like unsecured default passwords and exposed cloud storage buckets.

Overview

This category of risks relates to the security components in an application being incorrectly configured. Misconfigurations are increasingly common due to the cloud being used as a development environment and web apps being built with container images. The infrastructural complexity adds more points at which security misconfigurations can occur.


Description

In the data gathered by OWASP for the current Top Ten, there were over 200,000 detected instances of security misconfigurations in web apps. The challenge with mitigating security misconfiguration risks from a strategic standpoint is that they cover the whole application stack and the app’s infrastructure. Individual errors are often at play here, such as opening unnecessary ports, not changing default passwords, or leaving cloud storage buckets open.


How to Prevent?

A pivotal strategic change is to ensure you have a repeatable process for hardening configurations and a tool or process that automatically audits and verifies those configurations across on-premise and cloud environments.


Example Attack Scenarios:

  • Unsecured Default Password:  In one scenario, an attacker can exploit a security misconfiguration by using the default password set in the application, device, or system, which is often a common and well-known password. This allows the attacker to gain unauthorized access to sensitive data or resources.

  • Exposed Cloud Storage Bucket:  Another example is when a security misconfiguration occurs in a cloud environment, resulting in an exposed storage bucket. This could allow unauthorized users to access and modify sensitive data stored in the bucket.
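An added example (not from the original page or from OWASP): a small automated audit in Python that flags the three individual errors named above, namely unnecessary open ports, unchanged default passwords, and open storage buckets. The inventory schema, the allowed-port baseline, the default-password list, and the PBKDF2 parameters are assumptions made for illustration; the bucket check reads an S3-style policy document.

```python
import hashlib
import hmac

# Assumed hardening baseline (hypothetical values for this example).
ALLOWED_PORTS = {22, 443}
KNOWN_DEFAULTS = ["admin", "password", "changeme"]

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

def uses_default_password(account):
    """True if the stored hash matches any known default password."""
    return any(hmac.compare_digest(pw_hash(p, account["salt"]), account["hash"])
               for p in KNOWN_DEFAULTS)

def bucket_is_public(policy):
    """True if an S3-style policy has an unconditional Allow for every principal."""
    for stmt in policy.get("Statement", []):
        principal = stmt.get("Principal")
        if isinstance(principal, dict):
            principal = principal.get("AWS")
        if stmt.get("Effect") == "Allow" and principal == "*" and "Condition" not in stmt:
            return True
    return False

def audit(inventory):
    findings = []
    for host in inventory["hosts"]:
        for port in sorted(set(host["open_ports"]) - ALLOWED_PORTS):
            findings.append((host["name"], f"unnecessary port {port} open"))
    for acct in inventory["accounts"]:
        if uses_default_password(acct):
            findings.append((acct["user"], "default password unchanged"))
    for bucket in inventory["buckets"]:
        if bucket_is_public(bucket["policy"]):
            findings.append((bucket["name"], "bucket policy allows any principal"))
    return findings

# Constructed sample inventory (not real systems).
SALT = b"example-salt"
SAMPLE = {
    "hosts": [{"name": "web-1", "open_ports": [22, 443, 3306]}],
    "accounts": [{"user": "admin", "salt": SALT, "hash": pw_hash("admin", SALT)},
                 {"user": "deploy", "salt": SALT, "hash": pw_hash("S7#long-unique", SALT)}],
    "buckets": [{"name": "backups", "policy": {"Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject"}]}}],
}

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Run on a schedule or in CI against an exported inventory, a non-empty result is the signal that a configuration has drifted from the hardened baseline.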
