Getting started with secure application development in [#security]

As an organization that offers software solutions in healthcare and other sectors, security and privacy are some of our highest priorities at LinkORB. The Engineering team, especially developers and database administrators, are responsible for the security and privacy of the information and applications we offer our users and customers.


Using industry best practices, our developers significantly reduce the attack surface of our applications and APIs that are accessible over the Internet without degrading user experience. Bearing in mind that threat actors only need to find one exploitable vulnerability to gain unauthorized access, LinkORB developers are expected to patch identified vulnerabilities immediately as well as proactively employ best practices to reduce a threat actor’s ability to identify and exploit unidentified vulnerabilities.

Purpose

This guide introduces developers to common web application vulnerabilities and recommends secure application development practices to prevent or fix such vulnerabilities. Specifically, it discusses the following:

Secure application development

Secure application development encompasses all security operations performed throughout the development lifecycle with the following objectives:

  • Vulnerability identification
  • Vulnerability neutralization/mitigation
  • Information availability
  • Information confidentiality
  • Information integrity

Vulnerabilities

A vulnerability is a design or implementation loophole (weakness) that gives threat actors unauthorized access to an application. Threat actors scanning for and looking to exploit vulnerabilities in a web application can include:

  • inquisitive users
  • disgruntled employees
  • cybercriminals
  • foreign intelligence

Threat actors usually exploit one of the following vulnerabilities to gain unauthorized access to a web application:

  • Broken access control: A design, implementation, or configuration flaw that lets attackers bypass restrictions that ought to prevent them from performing certain operations. Examples include modifying other users’ data through Cross-Site Request Forgery (CSRF), reaching an application’s admin portal through privilege escalation, and misconfigured trust chain validation that allows unauthorized access to data in transit or at rest.
  • Injection: Weaknesses that expose privileged information to unauthorized parties when an application processes user-supplied data. Common examples are SQL injection and Cross-Site Scripting (also called XSS).
  • Insecure Design: Insecure or defective feature/application design that leads to the exposure of sensitive credentials or to loopholes that attackers can exploit. For example, sending detailed error messages to the client side can reveal an application’s internals and security flaws.

Please see OWASP Top Ten for a comprehensive list of common web application vulnerabilities.

Threat modeling

Threat modeling is the process of identifying and quantifying potential vulnerabilities from a threat actor’s perspective, and then prioritizing safeguards and countermeasures for a given application. Among other things, threat modeling allows developers to create profiles of potential threat actors and identify what attack vectors they may try to exploit. This helps detect and fix security problems in an application before it is deployed to production.

You may adopt one or more threat modeling methods throughout the application development lifecycle. STRIDE and P.A.S.T.A. are some of the most popular ones. Please see Threat model for more information.

Threat modeling with STRIDE

STRIDE is our preferred threat model for vulnerabilities in our internal and external applications, APIs, and processes. It identifies vulnerabilities and provides countermeasures by first classifying each threat actor’s goal(s). Please see threat modeling process for a structured guide on using the STRIDE model.

Preventing common web application vulnerabilities

Please see OWASP top ten for comprehensive descriptions and fixes of the 10 most critical and most common web application vulnerabilities.

Injection is one of the most common and most critical vulnerabilities in the wild. The following are some of its most common variants:

  • OS Command Injection: Gives attackers access to the server’s operating system, allowing them to run commands.
  • SQL Injection: Inadequately sanitized user-supplied data, crafted so that it alters a query, is used from the client side to read or modify MySQL database records the user is not authorized to access.
  • Cross-Site Scripting: Client (browser) side vulnerability that allows an attacker to inject script into pages served to other users, so that it runs in their browsers and performs actions on their behalf.

To safeguard a web application against injection attacks:

  • Research and implement countermeasures for the application’s technology stack.
  • Sanitize and validate user input on the client and server side.
  • Ensure the application runs with the least required privileges.
  • Only expose non-sensitive error messages to the client.
  • Minimize the application’s access to shell commands.
  • Automate the auditing and patching workflow for application dependencies.
  • Run unit, integration, and end-to-end tests for each pull request.

Please see Injection Flaws for a comprehensive guide on identifying and preventing injection vulnerabilities.
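As an added illustration of the three injection variants listed above and the "sanitize and validate" and "minimize shell access" countermeasures (example code written for this guide, not LinkORB project code), the block below shows each vulnerable pattern beside its hardened form. It uses an in-memory SQLite table with constructed rows as a stand-in for a MySQL store; the parameterization technique is the same with a MySQL driver.

```python
import html
import re
import sqlite3

# Constructed sample data: an in-memory SQLite table standing in for the
# application's MySQL store (the technique is identical for MySQL drivers).
def build_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "alice", "alice@example.com"), (2, "bob", "bob@example.com")])
    return db

def lookup_vulnerable(db, name):
    # SQL injection: user input is pasted into the query text, so a value such
    # as  x' OR '1'='1  rewrites the WHERE clause and returns every row.
    sql = "SELECT id, name FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_safe(db, name):
    # Parameterized query: the driver sends the value separately from the SQL,
    # so the input can only ever be compared against the name column.
    return db.execute("SELECT id, name FROM users WHERE name = ?", (name,)).fetchall()

def greeting_vulnerable(name):
    # Reflected XSS: untrusted text is emitted straight into HTML.
    return "<p>Hello " + name + "</p>"

def greeting_safe(name):
    # Output encoding turns <, >, &, " and ' into entities, so the browser
    # renders the text instead of executing it.
    return "<p>Hello " + html.escape(name, quote=True) + "</p>"

# Strict allowlist for a hostname argument (RFC 1123 labels, max 253 chars).
_HOSTNAME = re.compile(
    r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*")

def is_valid_hostname(host):
    return len(host) <= 253 and _HOSTNAME.fullmatch(host) is not None

def build_ping_argv(host):
    # OS command injection defence: validate against the allowlist, then pass
    # the value as a separate argv element (subprocess.run(argv) with
    # shell=False) rather than interpolating it into a shell command string.
    if not is_valid_hostname(host):
        raise ValueError("rejected hostname: %r" % host)
    return ["ping", "-c", "1", host]
```

The argv list is returned rather than executed so the sample runs offline; in the application it would be handed to subprocess.run() without shell=True.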

Vulnerability Remediation provides a high-level step-by-step guide for addressing security weaknesses in a system.

OWASP’s Web Security Testing Guide provides comprehensive guides for testing, identifying, preventing, and fixing vulnerabilities throughout an application’s lifecycle.

See Secure development and deployment guidance for an in-depth guide on secure application development, deployment, and maintenance best practices.

Developers performing Docker-related operations will benefit from reviewing the following security-focused resources:

Further reading

Please see the information security guide for more information.
