A02:2021 – Cryptographic Failures
GPTKB entity
Statements (29)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
OWASP Top 10 Category
|
| gptkbp:category |
Web Application Security Risk
|
| gptkbp:example |
failure to rotate keys
storing passwords without hashing transmitting sensitive data in cleartext using deprecated SSL/TLS versions using hard-coded cryptographic keys |
| gptkbp:focusesOn |
lack of encryption
weak cryptographic algorithms cryptographic weaknesses data protection failures improper key management insecure transmission of data use of outdated protocols |
| gptkbp:hasOWASPPage |
https://owasp.org/Top10/A02_2021-Cryptographic_Failures/
|
| https://www.w3.org/2000/01/rdf-schema#label |
A02:2021 – Cryptographic Failures
|
| gptkbp:mitigatedBy |
do not use deprecated cryptographic protocols
enforce secure transmission protocols implement proper key management store passwords using strong hashing algorithms use strong encryption algorithms |
| gptkbp:partOf |
OWASP Top 10:2021
|
| gptkbp:publishedBy |
gptkb:OWASP
|
| gptkbp:publishedIn |
2021
|
| gptkbp:rank |
2
|
| gptkbp:relatedTo |
Sensitive Data Exposure
|
| gptkbp:replacedBy |
A3:2017 – Sensitive Data Exposure
|
| gptkbp:bfsParent |
gptkb:OWASP_Top_10
|
| gptkbp:bfsLayer |
6
|