Question

Application security is one of the primary avenues used by attackers to penetrate systems and networks. Some of these avenues still being exploited have been known for decades. There has historically been a wide gap between application developers and security professionals—a gap that more organizations are becoming motivated to bridge.

Discuss the following:

• Differentiate between object-based and object-oriented computer code.
• Identify common avenues of vulnerability specific to application security.
• Explain strategies that mitigate application security vulnerabilities.

Answer 1

Answer)

The object-oriented language mostly supports all of the features of that of OOPS which has abstraction, along with inheritance, or polymorphism or encapsulation whereas Object based language would not support every feature of the OOPS like that of polymorphism or the inheritance.

Some of the vulnerability specific to that of the application security is the cross-site scripting, or the SQL injection or that of the LDAP injection etc. There should be vulnerability management like reducing the risk involved by identifying those, or use of scanning tools etc

Some of the best strategies involved are as mentioned below:

1) To lower the risk that one is exposed to

2) To plan, integrate, design or finally implement the risk management or compliance process

3) To be aware of new or any upcoming threat and enhance the security accordingly

4) To have a bench mark of the business service levels.

Please comment in case you need any other inputs.
Please share a like if you find the answer helpful.
Thank you.