what are benefits of developing secure software
data protection - safeguarding of sensitive information
minimising cyber attacks and vulnerabilities - weaknesses that attackers exploit to gain unauthorised access or cause harm
what are the software development steps
requirements, specifications, design, development, integration, testing and debugging, installation, maintenance
what is the purpose of secure software architecture
to plan and structure software solution that meets the needs of stakeholders while ensuring security
how does the capabilities and experience of end users influence secure design features
- the goal is to meet user needs and minimise security risks from misuse
- security needs to be easy enough to understand and strong enough to protect user data
- user feedback and testing, rbac
- mfa, password managers, sso
what are the fundamental software design security concepts
confidentiality, integrity, availability, authorisation, authentication, accountability
what is the CIA triad
confidentiality - sensitive information is kept private (access control, encryption)
integrity - ensuring data is accurate, consistent and trustworthy over entire lifecycle (access control, encryption, hashing, checksums, digital signatures)
availability - authorised users have efficient access to information they need (redundancy, load balancing, disaster recovery)
what is the difference and purpose of authorisation and authentication
authentication - verifying the identity of users
authorisation - determine permissions and restrict access
- both used for access control
what is accountability and why does it need to be considered
traceability - every action in the system is linked to a responsible party
- audit trails and logging (Store record of events, activities and transactions)
- troubleshooting, compliance, security
what is STRIDE
threat modelling methodology developed by microsoft to analyse and classify threats on a prioritised list:
Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege.
how does cryptography contribute to security by design
- process of encoding information so only the intended recipient can read
- confidentiality through encryption (symmetric/asymmetric)
- protects, verifies integrity, authenticates systems
- hashing - converting to fixed length value
- digital signatures - authenticate identity of sender
how does sandboxing contribute to security by design
- controlled, isolated testing environment that enables programs/files to run without affecting system where it’s run
- running untested/untrusted code
- external APIs, web browser, user input, environments
what is the privacy by design approach
- proactive not reactive (anticipating and addressing potential security/privacy issues during design and development stage)
- embed privacy into design (integrating privacy practises throughout entire lifecycle)
- respect for user privacy (users have the right to manage their information)
how can the security and resilience of software be tested and evaluated? (syllabus)
- determining vulnerabilities (SAST, DAST, pen testing)
- hardening systems (reducing ‘attack surface’ total points where unauthorised user could enter/extract data)
- handling breaches (incident response plan, quick containment and mitigation)
- maintaining business continuity (ability to maintain critical operations during/after disruptive event)
- conducting disaster recovery (documented approach for restoring systems, data and infrastructure - RPO and RTO)
what are strategies to help manage the security of code (forms of testing)
- code reviews (based on guidelines - someone else systematically checks for bugs, code quality, standards)
- static application security testing SAST (analysing source code before compilation to find vulnerabilities - detects unvalidated inputs, improper use of cryptography)
- dynamic application security testing DAST (automated, continuous testing method to identify vulnerabilities in running application by simulating attacks - detects XSS, SQL I, weak session management)
- vulnerability assessment (systematic review of weaknesses - evaluates if susceptible to known vulnerabilities, assigns severity levels, recommends remediation)
- penetration testing (more manual/in-depth - simulates real world attacks to find vulnerabilities)
what security features can be applied and incorporated into software (syllabus)
- data protection (hashing, encryption, data minimisation)
- security measures (input validation/sanitisation, parameterisation, output encoding, error handling)
- privacy protection (privacy policy, anonymisation)
- regulatory compliance (privacy act 1988, user rights to access, rectify, delete personal data)
what are defensive data input handling practises and how to apply
verifying input data is valid before processing/storing (done at point of entry)
- input validation (input meets expected format - prevents malformed data)
- input sanitisation (cleaning and filtering input to prevent malicious data entering eg. removing/encoding characters)
- error handling (don’t reveal sensitive information like file paths or queries, maintain detailed logs)
- principle of least privilege
- secure authorisation and authentication
how can APIs be implemented safely to minimise software vulnerabilities
APIs facilitate interactions between different systems/parts by providing interface to request data (can become gateways for attackers to access)
- authorisation and authentication
- encryption
- rate limiting
- input sanitisation and validation
what is secure memory management
protecting sensitive data in memory
- avoid storing in plain text
- clearing from memory after use
- prevent buffer overflows by validating input sizes
what is session management
maintains a user’s state across interactions
- unique, encrypted session IDs
- session timeouts and regeneration
- storing session cookies with HttpOnly and Secure flags
key vulnerabilities: session fixation and hijacking
what is exception management
handling unexpected events during execution
- errors don’t lead to crashes, data corruption or exposure of sensitive information
- internal details stay hidden
how to minimise broken authentication and session management vulnerabilities
- weak passwords, insecure session management
- can lead to stolen credentials, session hijacking/fixation
- enforce strong password policies, mfa, session timeouts
what is xss and how can it be prevented
malicious scripts injected into web pages
- targets user’s browser
- attacker can extract data from client side using JS
- can lead to cookie/data theft, session hijacking, DOM manipulation, malware injection
- prevent: output encoding, CSP, input validation, avoid dynamic script generation
what is csrf and how can it be prevented
malicious requests sent from user’s browser to perform unintended actions
- targets web application server
- takes advantage of user’s authenticated session with a server
- attacker can trigger actions but can’t read response
- can lead to changing credentials, transactions, etc
- prevent: CSRF tokens, SameSite cookie attributes, checking referrer headers
what is invalid forwarding and redirecting, and how can it be prevented
redirected/forwarded to unintended pages from manipulated URLs or unvalidated redirects ‘open redirect vulnerabilities’
- strict validation and sanitisation of URLs
- relative URL instead of absolute
- use predefined paths
- safe default page
