A02:2021 – Cryptographic Failures
GPTKB entity
Statements (29)
Predicate | Object |
---|---|
gptkbp:instanceOf | OWASP Top 10 Category |
gptkbp:category | Web Application Security Risk |
gptkbp:example | failure to rotate keys; storing passwords without hashing; transmitting sensitive data in cleartext; using deprecated SSL/TLS versions; using hard-coded cryptographic keys |
gptkbp:focusesOn | lack of encryption; weak cryptographic algorithms; cryptographic weaknesses; data protection failures; improper key management; insecure transmission of data; use of outdated protocols |
gptkbp:hasOWASPPage | https://owasp.org/Top10/A02_2021-Cryptographic_Failures/ |
https://www.w3.org/2000/01/rdf-schema#label | A02:2021 – Cryptographic Failures |
gptkbp:mitigatedBy | do not use deprecated cryptographic protocols; enforce secure transmission protocols; implement proper key management; store passwords using strong hashing algorithms; use strong encryption algorithms |
gptkbp:partOf | OWASP Top 10:2021 |
gptkbp:publishedBy | gptkb:OWASP |
gptkbp:publishedIn | 2021 |
gptkbp:rank | 2 |
gptkbp:relatedTo | Sensitive Data Exposure |
gptkbp:replacedBy | A3:2017 – Sensitive Data Exposure |
gptkbp:bfsParent | gptkb:OWASP_Top_10 |
gptkbp:bfsLayer | 6 |