Date Published: July 20, 2023
The Web Application Security risk vector performs multiple assessments related to web application security. It provides information about components with known vulnerabilities, broken authentication and access control, sensitive data exposure, cross-site scripting prevention mechanisms, and security misconfigurations.
Navigation Options
SPM App: Risks ➔ Findings
CM App: Vendor Risk ➔ Findings
Insurance App: Client Risk ➔ Findings
National Cybersecurity: Vendor Risk ➔ Findings
Finding Details
The details include the data in Findings, Diligence details, and also the following information:
| Field | Description |
|---|---|
| Web App Security Test | Name of the web application security test. |
| Category | Name of the web application security test category. |
| Description | Summary description of the objective of all the tests within this category. |
| Framework References | OWASP and CWE frameworks references that provide context to the applicability of the test. |
| Issue | Description of the issue identified. |
| Details | Description of the possible impacts of the issue identified. |
| Remediation Instructions | Information that will help a user to resolve a negative finding. |
| Total Evidence | The total amount of evidence associated with the finding. |
| Failed Evidence | The amount of failed evidence associated with the finding. |