Software Engineering 6: Security

I discovered that bad actors can access your computers or your credentials using a variety of techniques. Here are several of those techniques and their preventative measures:
SQL injection is an attack in which a hostile person enters SQL commands into a text field. Instead of concatenating text from the user into the query, use prepared SQL queries with parameters.
In a CSRF attack, a rogue website sends requests on behalf of a user who is signed into another website. As a countermeasure, the targeted website must always include a CSRF token in its response to each request and demand that the token be supplied back in the subsequent request.
In an XSS attack, a malicious user enters JavaScript code to deceive other users into visiting a hostile website. The solution is to refuse user input that contains angle brackets, or to escape them.
CORS is a technique that lets a web page request resources from another domain. The issue is that a malicious server can make requests to a trusted server on a user's behalf. The answer is the @CrossOrigin annotation in the trusted server's @RestController.
Denial-of-service attacks happen when a hacker bombards a website with so many requests that it becomes unusable. The solution is to find and block the rogue websites issuing the requests.
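
The SQL injection item above, shown as an added example (not code from the original post): a login lookup built by concatenation beside the same lookup written as a prepared query with parameters. The table, the account values and the function names are constructed for illustration, and Python's built-in sqlite3 stands in for whatever database the application uses.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "wonderland"), ("bob", "builder")],
    )
    return conn

def login_concatenated(conn, name, password):
    """Vulnerable: text from the user becomes part of the SQL statement."""
    query = (
        "SELECT name FROM users WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )
    return [row[0] for row in conn.execute(query)]

def login_prepared(conn, name, password):
    """Hardened: the statement is fixed and user text is bound as data."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (name, password))]

if __name__ == "__main__":
    db = make_db()
    # Constructed text-field input that carries SQL syntax instead of a password.
    hostile = "' OR '1'='1"
    # Concatenation lets the quote close the string literal, so the OR clause
    # is parsed as SQL and every account matches.
    print("concatenated:", login_concatenated(db, "alice", hostile))
    # The bound parameter is compared as one literal string, so nothing matches.
    print("prepared:    ", login_prepared(db, "alice", hostile))
    # A correct password still works with the prepared query.
    print("legitimate:  ", login_prepared(db, "alice", "wonderland"))
```

A harmless name containing an apostrophe, such as o'brien, makes the concatenated version fail with a syntax error, while the prepared version treats it as ordinary data.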

We also learned about OAuth2, a technique that enables users to authorize third-party applications to access resources on another website without disclosing their login credentials. Both authentication and authorization can be accomplished using OAuth2. Authentication guarantees that only permitted users have access to confidential data, preventing data breaches and online attacks. By using authentication, you can manage who has access to your system, what they can do, and what information they can access. OAuth2 enhances user experience and lowers the chance of credential theft by enabling users to authorize access to their resources without disclosing their credentials. OAuth2 makes it simple to interact with other programs and systems, which can enhance productivity and streamline processes. it is