{"id":53413,"date":"2014-07-23T14:14:29","date_gmt":"2014-07-23T14:14:29","guid":{"rendered":"https:\/\/www.checkmarx.com\/?post_type=glossary&#038;p=8824"},"modified":"2024-05-28T11:15:59","modified_gmt":"2024-05-28T11:15:59","slug":"how-to-properly-defend-against-man-in-the-middle-attacks","status":"publish","type":"glossary","link":"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/","title":{"rendered":"Man-In-The-Middle (MiM) Attacks"},"content":{"rendered":"<p>A Man-in-the-Middle (MiM) attack is a unique type of session hijacking that many companies face during the flow of communication data between client and server. This occurs when a malicious attacker is able to trick the client into believing he is the server and trick the server into believing he is the client. In this manner, the attacker is able to access and manipulate information that is intended to be communicated between the client and server only.<br>\nThere are many different types of sites that are targeted by MiM attacks, but attackers typically target sites such as banks or other financial institutions, which can be used for commercial profit. The attacker uses the MiM attack to gain access to the communication flow of sensitive data.<\/p>\n<p><b>The effects of MiM attacks on companies<\/b><br>\nIf an attacker is able to successfully pull off a MiM attack, he will have access to the flow of company data between two points. The attacker can manipulate this data for his own benefit. For instance, if a MiM attacker has successfully breached the communication flow between the company server and a financial institution, he may be able to manipulate the data in order to have funds transferred to his bank instead of the intended account.<\/p>\n<p>Let&#8217;s say that a company employee is attempting to withdraw money to his account. 
The employee sends the account number across the internet to the financial institution servers, which will process the command. The MiM attacker intercepts the flow of data and changes the account number from the employee&#8217;s account number to another account number. The malicious command is then sent to the financial institution, which processes the request to withdraw money to the wrong account.<\/p>\n<p><b>How to avoid MiM attacks<\/b><br>\nA vulnerability scan is the most common method for detecting malicious code and vulnerabilities. The problem with vulnerability scanners is that they only find specific vulnerabilities. Penetration testing is a more effective method as it utilizes the services of skilled hackers who attempt every possible type of attack they know to find vulnerabilities in the source code. After years of extensive application development and testing, today&#8217;s top SAST providers have developed effective vulnerability testing to locate these vulnerabilities.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A Man-in-the-Middle (MiM) attack is a unique type of session hijacking that many companies face during the flow of communication data between client and server. This occurs when a malicious attacker is able to trick the client into believing he is the server and trick the server into believing he is the client. 
In [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":0,"template":"","glossary-tags":[],"class_list":["post-53413","glossary","type-glossary","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Man-In-The-Middle (MiM) Attacks - Checkmarx<\/title>\n<meta name=\"description\" content=\"The effects of MiM attacks on companies - How to Properly Defend Against Man-In-The-Middle Attacks?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Man-In-The-Middle (MiM) Attacks - Checkmarx\" \/>\n<meta property=\"og:description\" content=\"The effects of MiM attacks on companies - How to Properly Defend Against Man-In-The-Middle Attacks?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-28T11:15:59+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/\",\"url\":\"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/\",\"name\":\"Man-In-The-Middle (MiM) Attacks - Checkmarx\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"datePublished\":\"2014-07-23T14:14:29+00:00\",\"dateModified\":\"2024-05-28T11:15:59+00:00\",\"description\":\"The effects of MiM attacks on companies - How to Properly Defend Against Man-In-The-Middle Attacks?\",\"breadcrumb\":{\"@id\":\"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Glossary\",\"item\":\"https:\/\/checkmarx.com\/glossary\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Man-In-The-Middle (MiM) Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. 
We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Man-In-The-Middle (MiM) Attacks - Checkmarx","description":"The effects of MiM attacks on companies - How to Properly Defend Against Man-In-The-Middle Attacks?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Man-In-The-Middle (MiM) Attacks - Checkmarx","og_description":"The effects of MiM attacks on companies - How to Properly Defend Against Man-In-The-Middle Attacks?","og_url":"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2024-05-28T11:15:59+00:00","twitter_card":"summary_large_image","twitter_site":"@checkmarx","twitter_misc":{"Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/","url":"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/","name":"Man-In-The-Middle (MiM) Attacks - Checkmarx","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"datePublished":"2014-07-23T14:14:29+00:00","dateModified":"2024-05-28T11:15:59+00:00","description":"The effects of MiM attacks on companies - How to Properly Defend Against Man-In-The-Middle Attacks?","breadcrumb":{"@id":"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/checkmarx.com\/glossary\/how-to-properly-defend-against-man-in-the-middle-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Glossary","item":"https:\/\/checkmarx.com\/glossary\/"},{"@type":"ListItem","position":2,"name":"Man-In-The-Middle (MiM) Attacks"}]},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. 
We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary\/53413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/glossary"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/11"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary\/53413\/revisions"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=53413"}],"wp:term":[{"taxonomy":"glossary-tags","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/glossary-tags?post=53413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}