Software and Data Integrity Failures

GPTKB entity

Statements (23)
Predicate Object
gptkbp:instanceOf OWASP Top 10 Category
gptkbp:category A08
gptkbp:example insecure deserialization
CI/CD pipeline flaws
dependency confusion
insecure libraries
insecure plugins
insecure software updates
gptkbp:focusesOn integrity of software and data
https://www.w3.org/2000/01/rdf-schema#label Software and Data Integrity Failures
gptkbp:includes code and infrastructure that does not protect against integrity violations
gptkbp:mitigatedBy implement integrity checks
secure CI/CD pipelines
use digital signatures to verify software and data
use trusted repositories
gptkbp:partOf OWASP Top 10 2021
gptkbp:replacedBy gptkb:Insecure_Deserialization
gptkbp:riskFactor supply chain attacks
remote code execution
data tampering
attackers can modify software or data
gptkbp:bfsParent gptkb:OWASP_Top_Ten
gptkbp:bfsLayer 5