Web application security
Dear Student,
In this course you have learned about system security risks and vulnerabilities, and that when a system goes online it is more likely to be attacked by hackers.
Hackers try to attack at the application layer of the network system in order to get into the system's database, as the application layer is the bottom layer through which any computer can gain access to let data traffic come in.

You have learned about various technical controls that ensure security, such as:
• Firewall
• Antivirus software
• Network security scanners, etc.
From the figure, it is clear that network firewalls do not protect a web application; they are designed only for network-level security. They block unwanted traffic and activity and allow legitimate traffic in.
Antivirus software detects system-level issues, not issues in the browser.
Network security scanners, on the other hand, are a good choice for securing network services, but they do not run any security checks for vulnerabilities in web applications.
Hackers can easily hack web application firewalls, as these do not fix security holes in web applications and are not themselves immune to attacks. Common attacks are:
1) Cross-site scripting (XSS)
2) Cross-site request forgery (CSRF)
3) SQL injection (SQL)
4) Buffer overflow, etc.
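An added illustration of the points above, not part of the original course material: a network-level rule that looks only at protocol and port passes a normal request and an SQL injection request alike, and the security hole is closed only by fixing the query inside the application. The rule set, table, function names and sample packets are all constructed for this example.

```python
import sqlite3

ALLOWED_PORTS = {80, 443}  # constructed rule set: web traffic only

def network_firewall_allows(packet):
    """Network-level decision: protocol and destination port only.
    The request payload is never inspected."""
    return packet["proto"] == "tcp" and packet["dst_port"] in ALLOWED_PORTS

def make_db():
    # Constructed in-memory database standing in for the application's data.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "a-secret"), ("bob", "b-secret")])
    return conn

def lookup_unsafe(conn, name):
    # Security hole: user input is concatenated into the SQL text.
    query = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(query)]

def lookup_safe(conn, name):
    # Fix in the application: input is bound as data, never parsed as SQL.
    return [row[0] for row in conn.execute(
        "SELECT name FROM users WHERE name = ?", (name,))]

def handle(packet, lookup):
    """Return None if the firewall drops the packet, else the query result."""
    if not network_firewall_allows(packet):
        return None
    return lookup(make_db(), packet["payload"])

# Constructed sample traffic: same protocol and port, different payloads.
BENIGN = {"proto": "tcp", "dst_port": 443, "payload": "alice"}
INJECTED = {"proto": "tcp", "dst_port": 443, "payload": "x' OR '1'='1"}
BLOCKED = {"proto": "tcp", "dst_port": 23, "payload": "alice"}

if __name__ == "__main__":
    for label, pkt in (("benign", BENIGN), ("injected", INJECTED),
                       ("telnet", BLOCKED)):
        print(label, handle(pkt, lookup_unsafe), handle(pkt, lookup_safe))
```

The firewall drops only the telnet packet; the two port-443 packets are indistinguishable to it, and only `lookup_safe` returns no rows for the injected payload.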
Question:
What are the challenges faced by WAFs (Web Application Firewalls) in securing web applications? Write only five challenges. [10 marks]
