Software and Data Integrity Failures — OWASP A08:2021

A detailed guide on software and data integrity risks, common vulnerabilities, real-world examples, and prevention strategies.

Understanding Software and Data Integrity Failures

What Are Software and Data Integrity Failures?

Software and Data Integrity Failures occur when an application fails to ensure the authenticity and integrity of its software components, critical data, or development processes. Attackers can exploit these flaws to inject malicious code, tamper with data, or compromise the system through unverified updates or unsafe dependencies.

These failures are particularly relevant in modern applications that depend on external libraries, public repositories, and automated CI/CD pipelines.

Common Vulnerabilities and Examples

Insecure Deserialization: Deserializing untrusted data without validation can allow attackers to execute arbitrary code or manipulate application logic.
Example: An attacker crafts a malicious payload for a serialized object passed in a request, gaining control of the application server.
Unverified Updates/Dependencies: Downloading and installing software updates or libraries without cryptographic signature checks or hash validation.
Example: The SolarWinds Orion supply chain attack, where malicious code was injected into a legitimate software update.
Compromised CI/CD Pipelines: Misconfigured build or deployment pipelines allow injection of unauthorized code or modified artifacts into production.
Example: A misconfigured build script allows a malicious dependency to exfiltrate data from the application.
Data Authenticity Failures: Failing to validate the integrity or source of data, especially when used in security decisions.
Example: A cookie storing user privilege levels without verification can be altered to gain elevated access.

Prevention and Mitigation Strategies

Verify Software Integrity: Use digital signatures for updates, packages, and libraries; validate hashes (SHA-256) of downloaded code or container images; employ Software Composition Analysis (SCA) tools to vet dependencies for vulnerabilities.
Secure Data Handling: Implement HMAC or digital signature checks for serialized or sensitive data; avoid deserializing untrusted data, or validate it thoroughly using safe formats like JSON.
Harden CI/CD Pipelines: Apply strict access controls and Multi-Factor Authentication to all repositories, build servers, and deployment environments; ensure build artifacts are immutable once created.
Continuous Monitoring: Regularly scan for tampered dependencies and ensure updates come from verified, trusted sources.
Immutable Artifacts: Ensure that once software artifacts are produced, they cannot be modified before deployment, maintaining integrity across environments.

Key Takeaway

Implementing a "never trust, always verify" approach for software components, data, and deployment processes is essential. By enforcing integrity checks, validating sources, securing pipelines, and monitoring dependencies, organizations can mitigate the risk of software and data integrity failures and protect against tampering or supply chain attacks.