iirai costner

One of my assignments prompted our class the following:

Using the list below, pick two types of vulnerabilities and make a recommendation to remediate that vulnerability.

• Bugs
• Weak passwords
• Software that is already infected with virus
• Missing data encryption
• OS command injection
• SQL injection
• Buffer overflow
• Missing authorization
• Use of broken algorithms
• URL redirection to untrusted sites
• Path traversal
• Missing authentication for critical function
• Unrestricted upload of dangerous file types
• Dependence on untrusted inputs in a security decision
• Cross-site scripting and forgery
• Download of codes without integrity checks

Here's my response to that prompt:

It's an interesting exercise, and I plan on doing more blog posts to come up with remediation recommendations for the other types listed above. Is there another vulnerability type not listed here you want me to "remediate" for you? Let me know in the comments. Thanks!