Security weaknesses today occur most often in software that is accessible from a user’s desktop, tablet, or mobile device. Web-based applications, network-enabled or controlled devices, and widely-used mobile software are the applications most targeted. This is followed by infrastructure applications such as operating systems, web servers, and browser-based software including plug-ins and extensions. The cause of these weaknesses typically stems from the developer not anticipating how the software could be misused and made to perform actions it wasn’t designed to do. The root problem is often a lack of secure input handling to block any application input or content that has not first been scanned for and had any harmful aspects filtered out.
Defend Against Injection-based Attacks
The following is external content provided as a free resource for blog readers.