This essay has been submitted by a student. This is not an example of the work written by professional essay writers.
Uncategorized

Defensive Scripting

Pssst… we can write an original essay just for you.

Any subject. Any type of essay. We’ll even meet a 3-hour deadline.

GET YOUR PRICE

writers online

Defensive Scripting

Introduction

Defensive scripting is a complex example of a defensive security design which is mainly intended to ensure that a piece of software or network solution can continue performing is desired functions under unforeseen circumstances. Most cases where defensive scripting is considered crucial and important is where safety, high availability and security is required. Defensive scripting is an approach highly recommended to developers and security experts to adopt for it improve software source code design and the software performance in terms of its security (Gupta, 2014). Furthermore, it improves by making sure that a network or software behaves in a predictable custom which can easily be analysed, understood and acted upon to improve on its security or mitigate against a threat.

Defensive scripting also makes code audit approval for source codes a much easier process for the source codes are designed to be much more comprehensible, in that it is much more understandable and readable to all personnel with the necessary access authorization. Overly, defensive scripting is also used in safeguarding company assets against errors, or vulnerabilities which may not be immediately identified, or ever encountered. Thus, incurring both maintenance and run-time costs, while improving on its security. Additional important aspects concerning defensive scripting that users should take notice of in the field of software development is that;

  1. Defensive scripting is an easy concept to define in abstract terms.
  2. It is often a difficult aspect, concept and practice for most beginners to grasp.
  • It is not easy to define beyond its insignificant examples, and most specific rules.
  1. Once it is internalized, its implementation process becomes rather easy.

 

With regards to its abstract rationale, defensive scripting may majorly be viewed in the setting of: In most security incentive systems, it is barely sufficient to produce source codes which only covers instance under “good-weather scenarios.” Instead, during processes such as the implementation of functionality and the design of interfaces, it is highly recommended that security experts should always take into consideration various cases which could potentially go wrong, and as such incorporate respective and reliable countermeasures (Mahmoud, 2017). The latter question should not only include possible runtime errors such as memory and data corruption but ensure to address possible vulnerabilities and exploitation possibilities which could be a threat vector to the general integrity of the entire system.

An example of a defensive scripting technique is the use of canonicalization. As technology and security strategies continue to innovate, malicious attackers adapt to this trend by also introducing new attack techniques against organizational data, systems and security devices. For instance, an attacker may decide on conducting their attack by introducing various types of representing incorrect data. For example, in the case of Linux based distribution, a security program may be configured to reject any attempts of access to the files located in “/etc/passwd,” however, after identifying this security policy, an attacker may pass a different variant such as “/etc/. /passwd.” Hence, during the development phase, the use of reputable canonicalization libraries can prove to be very important towards improving security by ensuring to avoid such bugs as a result of non-canonical input.

 

 

 

 

 

References

Mahmoud, S. K., Alfonse, M., Roushdy, M. I., & Salem, A. B. M. (2017, December). A comparative analysis of Cross-Site Scripting (XSS) detecting and defensive techniques. In 2017 Eighth International Conference on Intelligent Computing and Information Systems (ICICIS) (pp. 36-42). IEEE.

Gupta, M. K., Govil, M. C., & Singh, G. (2014, May). Static analysis approaches to detect SQL injection and cross-site scripting vulnerabilities in web applications: A survey. In International Conference on Recent Advances and Innovations in Engineering (ICRAIE-2014) (pp. 1-5). IEEE.

  Remember! This is just a sample.

Save time and get your custom paper from our expert writers

 Get started in just 3 minutes
 Sit back relax and leave the writing to us
 Sources and citations are provided
 100% Plagiarism free
error: Content is protected !!
×
Hi, my name is Jenn 👋

In case you can’t find a sample example, our professional writers are ready to help you with writing your own paper. All you need to do is fill out a short form and submit an order

Check Out the Form
Need Help?
Dont be shy to ask