This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities. Following are the topics covered in this PPT: Introduction to Cybersecurity What is Application Security? What is an SQL Injection attack Demo on SQL Injection Follow us to never miss an update in the future. Instagram: https://www.instagram.com/edureka_learning/ Facebook: https://www.facebook.com/edurekaIN/ Twitter: https://twitter.com/edurekain LinkedIn: https://www.linkedin.com/company/edureka

2. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Agenda
01
Introduction to
Cybersecurity
02
What is Application
Security?
03
SQL Injection
Attack

3. Copyright © 2018, edureka and/or its affiliates. All rights reserved.
Introduction to Cybersecurity

4. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Evolution Of Internet
THEN NOW
Communicating to each
other
Playing games, shopping, reading
news etc

5. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Cyberattack
Phishing
Malware
DDoS
MITM

6. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Phishing
Malware
DDoS
MITM

7. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
CYBER

8. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Cybersecurity
Cyber security refers to the body of technologies, processes, and practices designed
to protect networks, devices, programs, and data from attack, damage, or
unauthorized access.
Application Security
Network Security
Information Security
Operational Security
Disaster Recovery
End-user Education

9. Copyright © 2018, edureka and/or its affiliates. All rights reserved.
Application Security

10. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Application Security
ApplicationApplication security is the use of software, hardware,
and procedural methods to protect applications from
external threats.

11. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Why Target Applications?
Inherent complexity of the application source code
Ease of execution, automated attacks against
multiple targets
High value rewards for sensitive data breach

12. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Top Web Application Vulnerabilities
Cross-site Scripting
Cross-site Request
Forgery
Remote File Inclusion
SQL Injection
Broken Access Control
Broken Authentication

13. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Web Application Security Checklist
Web Application Firewalls
Information Gathering
Authorization
Cryptography
Resilience against attacks

14. Copyright © 2018, edureka and/or its affiliates. All rights reserved.
SQL Injection Attack

15. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
SQL Injection
SQL injection, also known as SQLI, is a common attack vector that uses
malicious SQL code for backend database manipulation to access information
that was not intended to be displayed
txtUserId = getRequestString("UserId");
txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;
User ID: 105 OR 1=1 SELECT * FROM Users WHERE UserId = 105 OR 1=1;
The SQL query will return all the rows from
Users table, since OR 1=1 is always true

16. Copyright © 2018, edureka and/or its affiliates. All rights reserved.
Demo: SQL Injection Attack

17. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training