LOGBOOK

HELP

Quiz Entry - updated: 2026.06.20

What is an attack chain and why is "breaking the chain" important?

An attack chain links several weaker bugs into one serious exploit; "breaking the chain" means you only have to fix one link to defeat the whole attack — which is why defense-in-depth pays off.

Attack chains combine multiple vulnerabilities for greater impact:

Example chain: XS-Leaks + CSRF + XSS

  1. XS-Leaks: Detect if user is logged in
  2. CSRF: Force authenticated action (if logged in)
  3. XSS: Execute script in victim's session

Breaking the chain:

  • You don't need to fix ALL vulnerabilities
  • Fixing ANY link breaks the entire chain
  • Defense-in-depth: multiple layers mean attacker must bypass all

Strategy: Prioritize fixes that break the most chains, but implement protections for all vulnerability types.

From Quiz: SPRG / Input Validation & Output Encoding | Updated: Jun 20, 2026