Skip main navigation

Sensitive Data Exposure Mitigation

This article reiterates what makes data vulnerable within an application and prepares users for the demonstration in the next video.
A padlock standing on a screen of binary data

What makes an application vulnerable?

If your application does not use secure protocols, such as HTTPS, it will transmit data in clear text, both internally and over the internet. This leaves your data vulnerable, and anyone who is able to access your network traffic or intercept your traffic over the web will have access to the data. This is also valid for data in rest: if you are storing data in clear text, including backup files, then it is vulnerable.

Sensitive data needs to be well protected. Old or weak cryptographic algorithms, and default or weak cryptographic keys, do not offer sufficient protection for sensitive data. Even the strongest cryptographic algorithms can be undermined. Commonly, system admins weaken their system when cryptographic keys are reused or when there is improper key management and rotation. Encryption also needs to be consistently enforced: if the server supports encryption but not all data is encrypted or if the system does not verify certificates from outside sources, then all your data becomes vulnerable.

Sensitive data, therefore, requires a high level of security that needs to be enforced in several ways. In the following videos, you will learn how to target credit card details, which are particularly appealing to hackers.

This article is from the free online

Advanced Cyber Security Training: OWASP Top 10 and Web Application Fundamentals

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education