Cryptographic Failures: OWASP Top 10 A02 Explained with Examples
Author: Aikido Security
Uploaded: 2024-10-04
Views: 77030
In this video, we dive deep into cryptographic failures, the second most critical vulnerability in the OWASP Top 10. Cryptographic vulnerabilities can expose sensitive data, lead to breaches, and compromise entire systems. We explore what cryptographic failures are, the common causes behind them, and how to avoid them. Using the Freecycle breach as a real-world case study, we examine the devastating consequences of using weak cryptographic algorithms.
We'll also discuss best practices for preventing cryptographic failures, from implementing strong encryption protocols to avoiding pitfalls in encryption key management. Additionally, we introduce some powerful tools—both commercial and open-source—that can help identify and mitigate cryptographic vulnerabilities before they become an attacker's gateway.
By the end of this video, you'll have a solid understanding of how cryptographic failures occur, how to prevent them, and what tools can assist in securing your applications.
Open-source tools
SAST - Bandit - https://github.com/PyCQA/bandit (Python)
DAST - Zap - https://github.com/zaproxy/zaproxy
Secrets Detection - GitLeaks - https://github.com/gitleaks/gitleaks
SCA - Trivy - https://github.com/aquasecurity/trivy
Aikido Security Platform
https://aikido.dev
OWASP advice
https://owasp.org/Top10/A02_2021-Cryp...
0:00 Intro
0:23 What are cryptographic failures
0:34 Causes of cryptographic failures
0:55 Weak or deprecated cryptographic algorithms
1:15 Why MD5 is broken
1:34 Freecycle breach
2:00 Poor key management
2:57 Preventing cryptographic failures
3:57 Tools to prevent cryptographic failures
4:58 Outro and plea for subscribers