Introduction to A8: Software and Data Integrity Failures
Software and Data Integrity Failures happen when applications fail to protect against unauthorized changes to code, configuration, or data. This includes relying on untrusted plugins, libraries, or CI/CD pipelines without verifying their integrity. Attackers can exploit these weaknesses to introduce malicious code or tamper with updates. Common issues include missing signature checks on software updates, insecure deserialization, or lack of validation for critical data changes.
OWASP A08:2021 Software and Data Integrity Failures
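As an added illustration (not part of the original page), the sketch below shows a fail-closed integrity check for a plugin or update before it is loaded. It uses a pinned digest rather than a cryptographic signature, and the plugin name, its contents, and the helper names are hypothetical.

```python
import base64
import hashlib
import hmac

# Constructed sample: contents of a hypothetical plugin as originally reviewed.
GOOD_PLUGIN = b"def run():\n    return 'report generated'\n"

ALLOWED_ALGS = {"sha256", "sha384", "sha512"}


class IntegrityError(Exception):
    """Raised when an artifact cannot be verified."""


def sri_digest(data: bytes, alg: str = "sha384") -> str:
    """Return an SRI-style string: '<alg>-<base64 of the raw digest>'."""
    raw = hashlib.new(alg, data).digest()
    return f"{alg}-{base64.b64encode(raw).decode()}"


# Constructed pin list (assumption: stored where the download channel cannot edit it).
PINNED = {"report-plugin.py": sri_digest(GOOD_PLUGIN)}


def verify_artifact(name: str, data: bytes, pinned: dict) -> bytes:
    """Return data only if it matches its pinned digest; otherwise raise."""
    expected = pinned.get(name)
    if expected is None:
        raise IntegrityError(f"{name}: no pinned digest, refusing to load")
    alg = expected.partition("-")[0]
    if alg not in ALLOWED_ALGS:
        raise IntegrityError(f"{name}: digest algorithm {alg!r} not allowed")
    actual = sri_digest(data, alg)
    # Constant-time comparison of the two integrity strings.
    if not hmac.compare_digest(actual.encode(), expected.encode()):
        raise IntegrityError(f"{name}: digest mismatch, artifact was modified")
    return data


def check(name: str, data: bytes, pinned: dict = PINNED) -> str:
    """Summarize the verification outcome as a string for logging."""
    try:
        verify_artifact(name, data, pinned)
        return "accepted"
    except IntegrityError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    tampered = GOOD_PLUGIN + b"import os  # line added after review\n"
    print(check("report-plugin.py", GOOD_PLUGIN))
    print(check("report-plugin.py", tampered))
    print(check("unlisted-plugin.py", GOOD_PLUGIN))
```

A pinned digest only shows that the bytes match what was pinned, so the pin list itself needs protection (for example, version control with review, or a signature over the manifest).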