With the growing number of cyber security threats, it is essential for everyone to know, mitigate, monitor, and prevent attacks on your apps. I have started this technology series as a small contribution to sharing the knowledge of whatever I have gone through so far. I hope my efforts will be useful to many software engineering aspirants and professionals who wish to use this information in their day-to-day work.
1. What Are the Important Aspects to Consider in Order to Secure Your Applications?
- Authentication and authorization ( if your authentication part is compromised, hackers can easily penetrate into a user app and do whatever they want, so it is important to safeguard your authentication mechanism to the app, API, or system.
- Logging: Application logs are essential and, more importantly, without which you won’t be able to identify any security incident; application-specific data is used for investigation. You should follow the best practices as much as you can to log the data.
- Encryption on data: There are multiple encryption algorithms that I will cover at the end of the video today; it is safe when you encrypt the data while transmitting from sender to receiver. Decryption is done at the receiver level to get the actual data.
2. Why Should You Use WAF Along With a Firewall?
Firewalls are the first level of protection that permits or blocks network traffic based on IP addresses and port numbers. It can allow traffic to default ports http80 and https443.