Software and Data Integrity Failures
GPTKB entity
Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
OWASP Top 10 Category
|
| gptkbp:category |
A08
|
| gptkbp:example |
insecure deserialization
CI/CD pipeline flaws dependency confusion insecure libraries insecure plugins insecure software updates |
| gptkbp:focusesOn |
integrity of software and data
|
| https://www.w3.org/2000/01/rdf-schema#label |
Software and Data Integrity Failures
|
| gptkbp:includes |
code and infrastructure that does not protect against integrity violations
|
| gptkbp:mitigatedBy |
implement integrity checks
secure CI/CD pipelines use digital signatures to verify software and data use trusted repositories |
| gptkbp:partOf |
OWASP Top 10 2021
|
| gptkbp:replacedBy |
gptkb:Insecure_Deserialization
|
| gptkbp:riskFactor |
supply chain attacks
remote code execution data tampering attackers can modify software or data |
| gptkbp:bfsParent |
gptkb:OWASP_Top_Ten
|
| gptkbp:bfsLayer |
5
|