HP Security Products Blog
From applications to infrastructure, enterprises and governments alike face a constant barrage of digital attacks designed to steal data, cripple networks, damage brands, and perform a host of other malicious intents. HP Enterprise Security Products offers products and services that help organizations meet the security demands of a rapidly changing and more dangerous world. HP ESP enables businesses and institutions to take a proactive approach to security that integrates information correlation, deep application analysis and network-level defense mechanisms—unifying the components of a complete security program and reducing risk across your enterprise. In this blog, we will announce the latest offerings from HP ESP, discuss current trends in vulnerability research and technology, reveal new HP ESP security initiatives and promote our upcoming appearances and speaking engagements.

Displaying articles for: April 2006

How can I make a simple custom agent?

Custom Agents are sometimes complicated because of the flexibility that we provide for our customers to do in depth vulnerability assessment.  Therefore we try to make the templates that we ship as flexible as possible.  But sometimes you just want to perform a simple check and the template is a little overwhelming.  We have one client that wanted a simple agent to look through all of their web pages to ensure that their privacy statement was on every session and create a vulnerability if it was missing.  I have created and attached a very simple agent that does a similar task and does it in only a few lines of code.  It simply goes through every session and if it finds a response status code of 500 (server error), it flags it as vulnerable.  This agent should be a good starting point for your simple agent needs.


 


 

Two Emerging Trends in Web Application Security


Exploiting applications through consumable input rather than user input.



People are attacking applications by giving them consumable files like JPG, PNG, WMF, ZIP that are malformed causing exploitation. This is an important shift for 2 reasons:


1) The supply of low hanging fruit for direct user input vulns is growing smaller.


2) It raises awareness of consumables as exploitable input. A skilled developer may know how to sanitize user input, but they typically deal with file input by using some Microsoft or 3rd party library. Now Developers don't know if they can trust those libraries as they used too. This feeling grows worse if the code is closed source and they cannot verify the security for the code.


 



Exposing backend functionality/Application logic



In the past there has been a full application on the client side which accessed data stored on the server side. Attackers used various techniques to sniffed the traffic and steal this data. Now with technologies like AJAX, Web Services, etc, the application exists on both the client and server sides while transmitting programming logic across the network. APIs used by the application that can access backend systems are now exposed on the server and the client calls them. Attackers are learning they too can directly call these APIs and access applications just like a normal user would. This is a huge escalation because the attacker is now inside your application instead of passively listening.

Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.