Software and Data Integrity Failures

Arise from a lack of integrity in code, software updates, critical data, issues in the supply chain of web applications, or the CI/CD pipelines, or how the development/deployment secrets are managed.

Some frequent causes include:

Use of third-party libraries or software components without verification
Insecure update mechanisms
Lack of code integrity checks, like checksums or digital signatures
Commitment of secrets on open-source repositories
Avoidance of environment variables handled
Remain versions or commits with previously in-code secrets
Deserialization of untrusted data without proper validation or sanitization

PreviousIdentification and Authentication Failures NextSecurity Logging and Monitoring Failures

Last updated 2 months ago