A08:2021 – Software and Data Integrity Failures- Explained

Software and Data Integrity Failures – Examples & Prevention

Jun 2, 2022

6 min read

Sudip Sengupta

In this article:

Modern software development is characterized by agile principles that encourage rapid release and update cycles. Agile methodology’s core components require implementing strict integrity checks, without which attackers can inject malicious inputs that can potentially impact all stages of the deployment pipeline. In most instances, insecure design is one of the most commonly attributed causes that lead to a broad category of application security vulnerabilities – collectively known as software and data integrity failures.

This article introduces software and data integrity failures as one of the most prevalent known vulnerabilities within modern applications, examples of such failures, and prevention strategies.

What Are Software and Data Integrity Failures in OWASP Top 10 2021?

The complexity of architectures in modern update-release cycles often forces developers to use plugins, modules, and libraries from public repositories, untrusted sources, and content delivery networks. Due to such complexities, software and data integrity failures (categorized as design flaws) occur when critical data and software updates are added to the delivery pipeline without verifying their integrity. In the absence of adequate validation, software and data integrity failures make applications susceptible to unauthorized information disclosure, system compromise, or insertion of malicious code.

Modern software delivery pipelines include auto-update functionality that streamlines the lifecycles by downloading updates

Read more

Explore the site

More from the blog

Latest News