Insecure design is a new category in the OWASP Top 10 in 2021. Listed at #4, it is a broad category related to critical design and architectural flaws in web applications that hackers can exploit. 

Insecure designs can’t be fixed by a perfect implementation. They require security controls to mitigate the threats. In this video, Jonathan Knudsen, head of global research at the Cybersecurity Research Center, demonstrates an example of an insecure design flaw with a banking application. Viewers also learn what security controls are necessary to mitigate risks associated with insecure design flaws.

Learn more about the OWASP Top 10

Continue Reading

Explore Topics

Agile, CI/CD
AppSec Best Practices
AI Code Security
Build Security into DevOps
Cloud Security
Compliance
Container Security
CyRC
DevSecOps
DAST
Fuzzing
IAST
M&A
Manage Security Risks
OSS License Compliance
SAST
SCA
Secure the Software Supply Chain
Security News & Trends
Web Application Security