OWASP Top 10: Security misconfiguration
Listed at #5 in the OWASP Top 10 list, security misconfiguration refers to vulnerabilities that result from an application’s configuration.
As with insecure design, security misconfiguration is a broad category within the OWASP Top 10. These types of misconfigurations can occur at any level of an application stack, so it’s critical for DevSecOps teams to work together to ensure the entire stack is properly set up.
In this video, we discuss three examples of security misconfiguration and the mitigation tactics needed to ensure web applications don’t fall victim to misconfiguration vulnerabilities.
