WEBVTT

00:07.250 --> 00:12.590
Many vulnerabilities we encounter stem from the flaws within the operating system or installed applications.

00:12.590 --> 00:17.750
We usually impact these vulnerabilities or find these vulnerabilities using a slew of different tools

00:17.750 --> 00:18.500
or measures.

00:18.500 --> 00:23.360
However, the most important aspect is applying patches or making configuration adjustments within that

00:23.360 --> 00:28.670
software development and the realm of software development, we need to look at quality over quantity.

00:28.670 --> 00:31.160
That means that we're going to actually look at secure coding.

00:31.160 --> 00:32.930
From the onset of our practice.

00:32.930 --> 00:38.120
Many vulnerabilities we encounter stem from the flaws within the operating system or the installed applications.

00:38.120 --> 00:44.030
We need to address these vulnerabilities through patching or making configuration adjustments as needed.

00:44.030 --> 00:48.110
However, when we talk about secure coding, we really need to do it from the onset.

00:48.110 --> 00:51.530
We need our coding to be secure from the planning stage.

00:51.530 --> 00:56.810
If we just start developing code or developing programs willy nilly, starting to go through the process,

00:56.810 --> 01:01.430
and then decide halfway through the project to involve secure coding, it's going to cost us twice as

01:01.430 --> 01:07.050
much money, twice as many resources, and twice as much time coding and secure coding from the onset

01:07.050 --> 01:10.740
with security is the most optimal use of our time and resources.

01:10.770 --> 01:14.340
Throughout our coding process, we need to provide input validation.

01:14.340 --> 01:19.920
This is where we take the coding and we go through, and we ensure that any process that allows the

01:19.920 --> 01:24.990
user to interact with our program provides a specific functionality.

01:25.020 --> 01:26.040
What do I mean by this?

01:26.040 --> 01:32.160
I know I pounded this calculator algorithm or analogy into the ground, but if I have a calculator,

01:32.160 --> 01:37.260
I need it to only accept zero through nine and some very specific special characters.

01:37.260 --> 01:42.330
Once I start allowing it to have a through Z or some special characters that provide some programming

01:42.330 --> 01:46.440
language to it, I've been validated or provided an avenue for attackers.

01:46.440 --> 01:47.940
To get into that program.

01:47.940 --> 01:54.810
I need to ensure that my calculator is only providing or allowing users to input measures that are specific

01:54.810 --> 01:56.400
to that program itself.

01:56.400 --> 01:58.650
Now, not every program is going to be the same.

01:58.650 --> 02:02.430
We're not drawing up or developing 50 million different types of calculators.

02:02.430 --> 02:08.370
However, does it make sense for a user to be able to use a semicolon or specific special characters

02:08.370 --> 02:13.810
that are coherent with scripting inside the input of the field, I would say no.

02:13.840 --> 02:19.840
When we do input validation, we need to ensure that the inputs that we are allowing users to utilize

02:19.870 --> 02:22.690
is specific to the program and what they need to do.

02:22.720 --> 02:27.220
This prevents not only injection attacks, but cross-site scripting, and it provides a little bit of

02:27.220 --> 02:28.300
layer of security.

02:28.330 --> 02:30.970
Finally, we need to provide some upload security.

02:31.000 --> 02:33.850
How are we going to allow users to upload documents?

02:33.850 --> 02:39.700
Some documents that users are allowed to upload have malware embedded within them, their scripts allowed

02:39.700 --> 02:46.180
within those uploads that could be fatal to our system, and provide a little bit of leverage for the

02:46.180 --> 02:47.650
attacker to get inside.

02:47.650 --> 02:49.330
We need to provide double checks.

02:49.330 --> 02:55.780
We need to validate different uploads as they're going through our system to ensure that this dual layered

02:55.780 --> 03:00.850
approach balances the security and the robust defenses within our system as a whole.

03:00.880 --> 03:07.930
Output encoding provides where the user inputs a field within our forums or within the coding itself,

03:07.930 --> 03:10.780
but we rerender it as it's being outputted in.

03:10.810 --> 03:11.920
What do I mean by this?

03:11.950 --> 03:17.550
If you look at the screen right here, you can see where a user inputted a basic HTML format going in

03:17.550 --> 03:18.840
with just the word very.

03:18.870 --> 03:23.580
However, when it's rendered out, it doesn't provide all those command line or scripting languages

03:23.580 --> 03:26.670
that HTML uses by providing a rendered output.

03:26.700 --> 03:31.830
We prevent users from utilizing our website to provide scripting attacks to other users.

03:31.830 --> 03:36.960
This is going to stop cross-site scripting attacks, as well as other injection attacks that are harmful

03:36.960 --> 03:39.570
to our users utilizing our website services.

03:39.600 --> 03:42.480
HTTP operates in a stateless protocol.

03:42.480 --> 03:47.280
This implies that the web server does not retain user information across different requests.

03:47.310 --> 03:53.040
To address this limitation, we utilize cookies and they serve to remind the server of the user's identity.

03:53.040 --> 03:58.140
They facilitate tasks and navigate through the different pages of an online store by remembering that

03:58.140 --> 03:58.770
cookie.

03:58.800 --> 04:02.640
However, that cookie can also be utilized to provide a session ID.

04:02.730 --> 04:06.690
This session ID is often used in relation to the actual user.

04:06.690 --> 04:07.740
As we stated.

04:07.740 --> 04:12.060
However, what if a attacker is able to get a hold of that specific cookie?

04:12.060 --> 04:15.330
They then have the ability to utilize that session ID.

04:15.480 --> 04:22.180
By utilizing a key management system, we can ensure that cookies that are utilized by legitimate users

04:22.180 --> 04:24.880
are not then utilized by attackers.

04:24.880 --> 04:30.880
We set up the cookies within a secure manner with a timestamp associated with it, and we validate or

04:30.880 --> 04:33.880
invalidate that cookie as the session is terminated.

04:33.910 --> 04:39.370
By performing key management within the system, we can stop attackers from replaying attacks across

04:39.370 --> 04:40.270
our servers.

04:40.300 --> 04:44.800
Authentication is the art of ensuring someone is who they say they are.

04:44.830 --> 04:50.230
We use authentication almost in every IT system that we utilize today, whether it's logging into a

04:50.230 --> 04:55.060
server or authenticating someone to gain access to a specific program.

04:55.060 --> 04:59.050
However, authentication needs to be more than just your username and password.

04:59.050 --> 05:04.180
We need to implement different forms, such as multi-factor authentication or two factor authentication.

05:04.180 --> 05:10.510
We need to verify and then revalidate or re-authenticate using a secondary measure.

05:10.510 --> 05:14.620
We can enforce password policies to make sure that the password is not weak.

05:14.620 --> 05:19.750
Weak passwords contribute to a major portion of problems that we see in it today.

05:19.750 --> 05:25.660
There's an entire list of commonly used passwords that we can that attackers utilize to dictionary,

05:25.660 --> 05:28.820
attack, and brute force attack many systems.

05:28.820 --> 05:35.900
By making and enforcing complex password policies, we can ensure that users aren't easily taken advantage

05:35.900 --> 05:36.320
of.

05:36.350 --> 05:41.960
We want to utilize encryption, not just encryption, on the standard format of the storage drives,

05:41.960 --> 05:47.240
but encryption in transit so that when the user transmits their password and username, it's being encrypted

05:47.240 --> 05:49.940
across the entire data in process.

05:49.970 --> 05:51.980
We're going to lock accounts when required.

05:51.980 --> 05:57.740
If we see that a user has attempted to log into the system three times over and it's still bad, we

05:57.740 --> 05:59.060
need to lock that account.

05:59.060 --> 06:03.440
If we see a user that's logging in at 2 a.m. in the morning, and they've never logged in at 2 a.m.

06:03.440 --> 06:08.150
in the morning, and they have no legitimate reason to be logging at 2 a.m., maybe it's time to look

06:08.180 --> 06:09.710
at locking that count as well.

06:09.710 --> 06:11.390
We need to maintain logs.

06:11.390 --> 06:13.700
Maintaining logs provides us an audit trail.

06:13.700 --> 06:19.520
If we utilize logs in an appropriate manner, then those detection controls can outline and define where

06:19.520 --> 06:23.690
we went wrong on our different policies that we put in place to authenticate our users.

06:23.690 --> 06:28.490
All of these make up different forms or aspects of the authentication that we need to utilize within

06:28.490 --> 06:29.570
our software environment.

06:29.570 --> 06:33.450
Data protection involves data at rest and motion or in use.

06:33.450 --> 06:38.820
When we talk about data at rest, we're really referring to when the data is sitting still on a specific

06:38.820 --> 06:44.250
drive, whether it's a hard disk drive or a solid state drive, whether it's on a server or even a laptop.

06:44.490 --> 06:47.580
Recently, we've had a rash of laptops being stolen out of cars.

06:47.580 --> 06:49.470
You have a laptop sitting on your floorboard.

06:49.470 --> 06:51.150
It's covered up with a sweater or jacket.

06:51.150 --> 06:55.080
You don't think anything about it, and then all of a sudden you come back to your car, the window's

06:55.080 --> 06:57.450
been broken out and the laptop is stolen.

06:57.450 --> 07:02.610
If that laptop has sensitive data on it and it's been stolen, a lot of times we just think, oh, they

07:02.610 --> 07:06.330
took it out and they pawned it off, or they're going to use it for their own purposes.

07:06.330 --> 07:07.980
But that's not always the case.

07:07.980 --> 07:13.530
Any data that was stored on that laptop that was sensitive in nature is a major liability for the company.

07:13.530 --> 07:18.690
By encrypting that data, we've provided an extra layer of protection to safeguard the company's data

07:18.690 --> 07:19.440
assets.

07:19.470 --> 07:22.290
Data in transit needs to be secured as well.

07:22.320 --> 07:26.610
Data in transit means that we're moving data from point A to point B, whether it's a client to client

07:26.610 --> 07:29.070
or a server to server, or even a server to client.

07:29.070 --> 07:34.320
With this aspect of it, we need to provide basic encryption algorithms to ensure that the data is not

07:34.320 --> 07:36.030
being utilized by a man in the middle.

07:36.030 --> 07:42.330
Attack That data as it's being encrypted, is going to safeguard our internal assets as well as provide

07:42.330 --> 07:44.130
an extra layer of data protection.

07:44.160 --> 07:49.890
Finally, data in use while we talk about data in use, and we most often refer to that as being unencrypted,

07:50.100 --> 07:55.140
there is new technology out right now with a heuristic approach that it provides the ability to not

07:55.140 --> 08:00.300
only use data, but to write new data and have that data encrypted as soon as it's being put down.

08:00.330 --> 08:03.390
This new measure will not fully recognize within.

08:03.390 --> 08:08.820
Our industry is fast coming to be a new technology that we should see fairly soon.

08:08.850 --> 08:13.770
Parameterized queries are queries that we usually type into a field or a subfield.

08:13.770 --> 08:18.150
We most often associate this with username and passwords, or when we're looking through something,

08:18.150 --> 08:19.410
through Yahoo or Google.

08:19.440 --> 08:22.920
However, internal databases have a search query as well.

08:22.950 --> 08:28.500
However, what if we utilize a parameterized query where we take drop down menus within a drop down

08:28.500 --> 08:28.800
menu?

08:28.830 --> 08:31.530
It's impossible for a user to actually type in this field.

08:31.530 --> 08:35.720
We've avoided that attack mechanism or that attack vector altogether.

08:35.720 --> 08:41.090
This is where parameterized queries provide us a decent landscape while still providing the needed functionality

08:41.090 --> 08:42.170
of a website.