Back

Sensitive Data Exposure

By
Nash N Sulthan
Published on
24 Jun 2018
owasp

sensitive data exposure occurs when an application like a smartphone app or a browser, does not protect information such as passwords or payment info adequately.

Example

SSL is not used for all authenticated pages.Attacker can simply monitors network traffic and steals the user’s session cookie.

Impact

Failure compromises data that should have been protected. Typically, this information includes sensitive personal information data such as health records, personal data and credit cards.

Mitigation / Precaution

  • Make sure to encrypt all sensitive data that are at rest.
  • Disable caching for the responses that may contain sensitive data.
  • Store all passwords using adaptive and salted hashing functions for better security.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.
Product tour
Written by
Nash N Sulthan
Nash N Sulthan
Cyber Security Lead Engineer
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.
Product tour