Fail Securely
Learn about software failures, how they’re discovered, and how we can recover from them.
We'll cover the following
Bugs in software
All software has bugs. There is no such thing as perfect software. Regardless of how pristine the software appears, it’s only a matter of time before a security vulnerability is discovered. Such imperfections can take any of the following forms:
-
Code that’s written by in-house or contracted developers.
-
Software that runs in vendor-provided solutions, such as a security appliance.
-
Components that developers download from open source repositories over the internet.
Find software vulnerabilities
The methods used to find software vulnerabilities can also vary:
-
Sometimes it’s by accident, like non-malicious usage or a review of the software.
-
Other times, it can result from someone intentionally attempting to break the software to see what happens. When intentionally causing an application or server to fail, the attacker can gain information that can be used in a subsequent attack. This is a form of reconnaissance.
-
Software failures can also present an opportunity for the adversary, such as privilege escalation or authentication bypass.
Get hands-on with 1400+ tech skills courses.