OWASP top 10 DevSecOps research and mitigation testing


You work for a company called ARU Dev Solutions LLC. They have contacted you to
research the latest IT threats and are interested in the OWASP Top 10 vulnerabilities.
Your job is to test for and document THREE of the following vulnerabilities:
• A1 Injection
• A2 Broken Authentication
• A3 Sensitive Data Exposure
• A4 XML External Entities (XXE)
• A5 Broken Access Control
• A6 Security Misconfiguration
• A7 Cross-Site Scripting (XSS)
• A8 Insecure Deserialization
• A9 Using Components with Known Vulnerabilities
• A10 Insufficient Logging & Monitoring
Explain the Vulnerabilities and Mitigation
Explain to the business executives, why these vulnerabilities matter, including the
potential risk to the business. You should link these vulnerabilities to the OWASP
Top 10 2017. You are expected to provide real-world examples for each vulnerability
discussed, along with code that has issues, which you then correct while suggesting
better alternatives. The report is specifically for higher-ups in the business and needs
to be readable by a layman (non-technical person). Please explain things in this
technical report carefully.
You should explain how you have researched/tested for each vulnerability, and how
you would exploit each vulnerability. You should also explain why the vulnerability
exists, and what is needed to mitigate it. Provide fully annotated example code to
support your mitigation argument. The report should outline your researched test
environment, such as an annotated network diagram, and justify the tools selected
for testing with references and real-world cases. Creating your own environment
with a vulnerability (local website as an example) and then testing and correcting it
will gain the highest of marks. More information on this is in the marking section.
Report Presentation and Referencing
The report MUST include the following sections (and any sub-sections you might find
• Cover page
• Contents page
• Executive summary
• OWASP Vulnerability one
o Vulnerability
o Mitigation
• OWASP Vulnerability Two
o Vulnerability
o Mitigation
• OWASP Vulnerability Three
o Vulnerability
o Mitigation
• References
• Appendix (if needed)
All work should be supported with full in-text Harvard referencing. Please create subheadings
under these sections so your work is easier to read for an executive or layman (the
legal term for a person without professional or specialized knowledge in a
particular subject-specific area).
Guidance Resources:
To help with this assessment further, here are some places with programs or
examples that you could learn from (make sure to properly reference anything you
use). Ultimately, you should create your own code.
• https://github.com/find-sec-bugs/find-sec-bugs-demos – a good source of
programs you can use that have vulnerable code

February 3rd, 2023 | Categories: Management assignment help