Exploring What XSS Vulnerabilities Are - PowerPoint PPT Presentation

About This Presentation
Title:

Exploring What XSS Vulnerabilities Are

Description:

XSS Vulnerabilities are one of the most prevalent forms of modern cyber-attacks. So, what exactly are these and how a website vulnerability scanner can be beneficial? Know more here... – PowerPoint PPT presentation

Number of Views:73

less

Transcript and Presenter's Notes

Title: Exploring What XSS Vulnerabilities Are


1
(No Transcript)
2
Introduction
  • For any business, websites are their digital
    identity and protection against the top
    vulnerabilities like XSS is essential
  • XSS attacks have a wide range of damages
  • Hackers steal away with crucial sensitive data
    present on the website for performing identity
    theft

3
What are XSS Attacks?
  • Cross-site scripting or XSS attacks are security
    policy which is carried out by the attackers on
    client-side webpages codes
  • This attack has been in existence for more than 3
    decades now
  • All major websites have been at least once under
    this vulnerability attack
  • Attackers use XSS vulnerabilities for stealing
    user data or controlling the user session
  • Also used as a component of a major phishing scam

4
Types of XSS Attacks
  • Reflected XSS- Also known as non-persistent XSS
    attack. Here malicious scripts are diverted to
    another website on the user browser
  • Stored XSS- Also known as persistent XSS, where
    malicious code is directly inserted into the web
    application
  • DOM XSS- Here the malicious script is present in
    the Document Object Model rather than the HTML

5
How XSS Attack Works
  • XSS attacks are different from other application
    layer attacks
  • The application of a user is attacked and not his
    server
  • It works by placing a malicious code using a
    client-side script on the web applications
    output
  • The common motive behind an XSS attack is to
    gather insights from cookie data
  • Client-side scripts dont have direct impact on
    the server-side information

6
Preventing XSS Attacks
  • Using a Website Vulnerability Scanner
  • The website owners can use a website
    vulnerability scanner when they develop their web
    applications.
  • A website scanner tool gives a full audit of
    security weaknesses along with flaws present in
    the site
  • A web security scanner also ensures the user
    website is also secured against top website
    vulnerabilities

7
Preventing XSS Attacks
  • Using an SDL
  • SDL stands for Security Development Lifecycle
  • Adding SDL in the web application limits the
    number of coding errors and security breaches
  • It ensures that websites become less vulnerable
    to any XSS attack
  • SDL assumes that all data received by web
    application is coming from a non-trustworthy
    source

8
Preventing XSS Attacks
  • Having a Crossing Boundaries Policy
  • A crossing boundary policy allows the
    authenticated users to enter their login
    information again before giving access to users
    for certain pages and services on the website
  • Crossing boundaries policy can be expanded
    further so that the session gets terminated if
    two IP address have similar session data

9
How VTMScan Helps
  • ESDS VTMScan is a 1-click vulnerability, threat
    and malware scanner for the user websites and web
    applications
  • It checks for vulnerabilities like- OWASP Top-10
    Vulnerabilities, Cross-Site Scripting (XSS),
    LFI-RFI Detection, etc.
  • Provides a comprehensive report to the user
    regarding the vulnerabilities present on his
    website and web applications

10
Know more _at_ https//esds.co.in/security/vtmscan
11
Concluding Remarks
An XSS attack is one of the most dangerous
vulnerability attack that takes place on a
website. It leads to drastic damages for any
website owner.
VISIT ESDS _at_
relationship_at_esds.co.in
Write a Comment
User Comments (0)
About PowerShow.com