Demo Series: Protect Web Servers Against Memory Scraping

Demo Series: Protect Web Servers Against Memory Scraping
Published on
Nov 7, 2023
In this video, we will show you how Anjuna Confidential Computing Platform can safeguard your web server against memory-scraping attacks that can compromise sensitive data.
https://www.anjuna.io/blog/demo-series-protect-web-servers-against-memory-scraping

In this video, we will show you how Anjuna Confidential Computing Platform can safeguard your web server against memory-scraping attacks that can compromise sensitive data.

Application Data Vulnerability

Imagine a typical multi-tier app architecture with several components, including a browser and a web server. For the sake of simplicity, we will only focus on these two components. 

Let’s start by simulating an end-user registration process where sensitive data is provided. As users, we can see the padlock icon and https in the browser, which makes us believe our data is secure when we click submit. But what happens if the web server is breached by an attacker? Even when data is encrypted at rest and in transit, that same data is always visible when used by the application.

How Attackers Gain Access and Extract Data

Now, let’s play the role of an attacker who has gained root access to the web server and wants to exploit this vulnerability. As the attacker, we can scrape clear text data from the server’s memory by running a few simple commands. First, we’ll look for the process ID of the application, which we’ll then use to generate a core dump of the memory, and ultimately, we will search through that core dump trying to find interesting data. You can see that we can easily access personally identifiable information, or PII, data stored in the server’s memory.

Securing Your Application With Anjuna

Now, let’s see how Anjuna can protect the web server. Administrators invoke the Anjuna Confidential Runtime, which leverages new hardware capabilities in the Cloud to protect data in use. Anjuna creates a secure enclave for this webserver to operate within, providing unparalleled protection against cyber threats. As you can see in the terminal, Anjuna secures your application with one simple command, and the best part — you don’t have to re-engineer your application to get this protection.

Eliminate Attack Threats With Anjuna

Now, we’re back in the role of the attacker. With Anjuna deployed, even though we still have the same level of access and I’m running the same command, we can no longer access the PII data in the memory. The Anjuna Confidential Computing Platform instantly eliminates the threat of memory scraping attacks, keeping your sensitive data safe and secure.

Secure Your Sensitive Data With Anjuna

Try it out today and experience the peace of mind that comes from knowing your sensitive data is secured.

Learn more about the capabilities of the Anjuna Confidential Computing Platform by scheduling your own live demo.

More like this
Governance, zero trust, and data-in-use: What you need to know about NIST CSF 2.0
Governance, zero trust, and data-in-use: What you need to know about NIST CSF 2.0
Prevent Accidental Secret Breaches with Anjuna and GitLab
Is your security more like a seatbelt, or an elevator brake?
Get Started Free with Anjuna Seaglass

Try free for 30 days on AWS, Azure or Google Cloud, and experience the power of intrinsic cloud security.

Start Free
Anjuna Platform and Features