Mitigating Website Security Flaws

When assessing a website or web application for vulnerabilities, keep in mind that the search for exploitable weaknesses is an investigation, not an inventory. The objective is to find every security flaw and mitigate it. Mitigation is the process of removing a vulnerability, or limiting its exposure, so that the threat of an attacker exploiting it is reduced.

The security flaws found on a website are likely to range from usability issues to outright security holes. Once a vulnerability is found, three decisions need to be made:

  1. Is the vulnerability a genuine threat to the operation, content, or security of the website?

  2. What would it cost to repair the damage an exploit could cause to the website? Is that amount more than the cost of mitigating the threat?

  3. What is the best strategy for the organization to deal with the vulnerability and its threats:

    1. Accept the vulnerability and do nothing?

    2. Avoid the vulnerability by removing the website?

    3. Reduce the probability of the vulnerability being exploited through mitigation?

    4. Transfer the responsibility for the vulnerability and its threats to a third party or contractor?

If the chosen strategy is to reduce the likelihood of the vulnerability being exploited, and so lessen its risk, certain steps should be followed to ensure the approach succeeds. To mitigate a vulnerability or other security flaw, take the following steps:

  1. Verify vulnerabilities—Although the vulnerability in question is probably well known, others may not be. Perform a vulnerability assessment to identify all existing vulnerabilities in the website and its applications. Good sources of this information are system logs on both the test client and the server, audits of webpage performance, and interviews with end users. Treat every reported issue as a lead rather than a verdict: confirm that it can actually be reproduced before it goes on the list.

  2. Analyze and prioritize vulnerabilities—Security flaws range from barely dangerous to catastrophic. Evaluate each vulnerability found in the verification step to determine its threat potential: the likelihood of it being exploited, the harm it could cause, and the cost of mitigating it. All vulnerabilities should be mitigated to a less threatening level, but address those with the greatest threat potential first. The highest risks are often those that could lead to compromised data.

  3. Develop a mitigation plan—With the vulnerabilities prioritized, develop a plan based on the resources and time required to complete the necessary actions.

  4. Retest—Verify that the mitigation actions removed or closed the vulnerability and the threat and risk associated with it. The best way to confirm that a mitigation worked is to repeat the assessment and perform a regression test, which checks that the mitigation did not break existing functionality or introduce new vulnerabilities of its own.
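As an added illustration of the four steps above (this is example code written for this page, not part of the original text), the following Python risk register scores each verified finding, chooses a strategy per finding from the accept / reduce / transfer options listed earlier, lays out a budgeted mitigation plan in priority order, and compares a re-assessment against the original assessment to report which findings were closed, which are still open, and which were newly introduced by the mitigation work. The 1 to 5 scoring scales, the decision rules, the budget figure and the sample findings are all assumptions made for illustration.

```python
"""Added example: a minimal risk register for the verify / prioritize /
plan / retest loop. Scales, decision rules and sample findings are
assumptions made for illustration, not a standard."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    """One verified vulnerability from the assessment step."""
    fid: str
    title: str
    likelihood: int         # assumed scale: 1 (rare) .. 5 (near certain)
    impact: int             # assumed scale: 1 (cosmetic) .. 5 (data compromise)
    repair_cost: float      # estimated cost to repair the damage if exploited
    mitigation_cost: float  # estimated cost to mitigate it now

    @property
    def risk(self) -> int:
        """Threat potential as a likelihood x impact score (max 25)."""
        return self.likelihood * self.impact


def choose_strategy(f: Finding, accept_below: int = 4) -> str:
    """Decision 3 from the text: accept, reduce or transfer.

    Assumed rules: negligible risk is accepted; if mitigating costs more
    than the damage it prevents, transfer it to a third party unless a
    data compromise is at stake; otherwise reduce it.  'Avoid' (taking
    the site down) is a business decision and is not computed here.
    """
    if f.risk < accept_below:
        return "accept"
    if f.mitigation_cost > f.repair_cost and f.impact < 5:
        return "transfer"
    return "reduce"


def prioritize(findings):
    """Step 2: highest threat potential first; cheapest mitigation on ties."""
    return sorted(findings, key=lambda f: (-f.risk, f.mitigation_cost))


def mitigation_plan(findings, budget: float):
    """Step 3: in priority order, fund every 'reduce' item that fits the budget.

    Returns an ordered list of (finding id, strategy); 'defer' marks a
    reduce item that this cycle's budget cannot cover.
    """
    plan, remaining = [], budget
    for f in prioritize(findings):
        strategy = choose_strategy(f)
        if strategy == "reduce":
            if f.mitigation_cost <= remaining:
                remaining -= f.mitigation_cost
            else:
                strategy = "defer"
        plan.append((f.fid, strategy))
    return plan


def retest(before, after):
    """Step 4: compare the pre- and post-mitigation assessments.

    'new' is the regression signal: findings that were absent before the
    mitigation actions and appear only afterwards.
    """
    b, a = {f.fid for f in before}, {f.fid for f in after}
    return {"closed": sorted(b - a), "open": sorted(b & a), "new": sorted(a - b)}


# Constructed sample register (illustrative, not real findings).
ASSESSMENT = [
    Finding("F1", "SQL injection in site search", 4, 5, 80_000, 4_000),
    Finding("F2", "Outdated CMS plugin", 3, 4, 20_000, 1_500),
    Finding("F3", "Missing security headers", 2, 2, 2_000, 500),
    Finding("F4", "Verbose error page", 1, 1, 100, 200),
    Finding("F5", "No rate limit on login", 3, 3, 5_000, 9_000),
]

# Constructed re-assessment: F1 and F2 were fixed, F3 was deferred, F4 and
# F5 were left as decided, and the plugin upgrade introduced a new F6.
RETEST = [
    Finding("F3", "Missing security headers", 2, 2, 2_000, 500),
    Finding("F4", "Verbose error page", 1, 1, 100, 200),
    Finding("F5", "No rate limit on login", 3, 3, 5_000, 9_000),
    Finding("F6", "Debug mode left on after upgrade", 3, 4, 10_000, 200),
]

if __name__ == "__main__":
    for fid, strategy in mitigation_plan(ASSESSMENT, budget=5_500):
        print(fid, strategy)
    print(retest(ASSESSMENT, RETEST))
```

Running the block prints the plan (F1 and F2 reduced, F5 transferred, F3 deferred for lack of budget, F4 accepted) and then the retest summary, in which F6 shows up under "new": that is exactly the regression the fourth step exists to catch, and it goes back into the register as a fresh finding for the next cycle.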
