Learn about communication channel issues, the risks associated with them, and how to avoid them.
- In a client server architecture there is always a risk…of a security vulnerability existing…in the communication channel between the two systems.…Because of the way TCPIP works,…these communication channels are potential hotspots…for attackers to exploit.…The most common communication channel attack…is the theft of sensitive information on the wire.…An attacker who can gain access to the network…of either the client or the server…can potentially steal the information on that channel.…
Many businesses, for instance, provide free wifi,…which is left open and unencrypted.…This can become a hot bed of theft…and your development team…needs to proactively protect your customer.…Unfortunately some users may set their devices…to always trust and connect to public wifi systems,…making the ability to spoof these SSIDs an attack vector.…
A spoofing attack is actually simple to prevent…through the use of proper transport layer security, or TLS,…because the attacker has to man in the middle…TLS connections to steal the data,…
Author
Frank P Moley III
Released
12/12/2018- Understanding attackers and risks
- Documenting your risks
- Issues related to web client–server interactions
- Issues related to thick app and client–server interactions
- Authorization and cryptography issues
- Implementing security in each phase of the software development life cycle
Skill Level Beginner
Duration
Views
-
Introduction
-
What you need to know1m 35s
-
1. Security and Risk Overview
-
The goal of secure coding3m 18s
-
Understand an attacker3m 9s
-
Break what you build3m 21s
-
Understand your risks3m 35s
-
Document what you understand4m 15s
-
-
2. Web Client Server Interaction Code Issues
-
Input validation issues4m 30s
-
Communication channel issues3m 59s
-
-
3. Thick App and Client-Server Interaction Issues
-
Error handling issues3m 21s
-
Logging and output issues4m 10s
-
Configuration issues4m 29s
-
Database issues3m 51s
-
File and I/O issues3m 54s
-
Memory management issues4m 34s
-
Dependency issues2m 46s
-
-
4. Crypto and Security Misuse Issues
-
5. Security in the SDLC
-
Embrace security in design2m 33s
-
Embrace security in testing3m 43s
-
Implement best practices2m 36s
-
-
Conclusion
-
Next steps2m 10s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Communication channel issues