OWASP Top 10: Insecure design

Authored by Cybersecurity Research Center

Mar 14, 2023 / 1 min read

CyRC Developer Series: #4 Insecure Design - OWASP Top 10 2021

Watch the short video to get a close look at an insecure design flaw with a banking application.

Video Player is loading.

Current Time 0:00

Duration 2:25

Loaded: 0.00%

Stream Type LIVE

Remaining Time 2:25

Insecure design is a new category in the OWASP Top 10 in 2021. Listed at #4, it is a broad category related to critical design and architectural flaws in web applications that hackers can exploit.

Insecure designs can’t be fixed by a perfect implementation. They require security controls to mitigate the threats. In this video, Jonathan Knudsen, head of global research at the Cybersecurity Research Center, demonstrates an example of an insecure design flaw with a banking application. Viewers also learn what security controls are necessary to mitigate risks associated with insecure design flaws.

Learn more about the OWASP Top 10

Security News & Trends

Continue Reading

What you need to know about the NIST Secure Software Development Framework

By Fred Bals

Aug 12, 2025 / 5 min read

Tags: Security News & Trends, Build Security into DevOps, Awareness, Secure the Software Supply Chain, AppSec Best Practices, Manage Security Risks, Public Sector