Back to Catalog
Owasp Security
top10_2025
A08:2025 - Software or Data Integrity Failures
Code and infrastructure that does not protect against integrity violations.
Intent & Description
'
🎯 Intent
Ensure the integrity of code, data, and infrastructure throughout the software lifecycle.
📋 Context
Applications that rely on plugins, libraries, or modules from untrusted sources, CDNs, or insecure CI/CD pipelines without verifying integrity. Auto-update mechanisms without integrity verification are vulnerable.
💡 Solution
Use digital signatures to verify software and data integrity. Ensure CI/CD pipelines have proper segregation and access controls. Do not send unsigned or unencrypted serialized data to untrusted clients.'
Real-world Use Case
Use when managing deployments, updates, data serialization, or any system where code/data integrity is critical.
📌 TL;DR
Verify integrity of all code and data. Sign artifacts, secure CI/CD pipelines, and validate serialized data.
Advantages
- Prevents tampering with code and data
- Secures deployment pipelines
- Protects against malicious updates
- Ensures data authenticity
Disadvantages
- Signature infrastructure adds complexity
- Performance overhead for integrity checks
- Requires secure key management