Episode 11 - OWASP Top 10: Security Misconfigurations
The OWASP Top 10 is a widely used resource for web application security. With the global security community weighing in and contributing, the Top 10 is full of helpful information. This week, Mike Miller dives into just one of the Top 10 that appears year after year: Security Misconfigurations.
What to Know -
OWASP is frequently referred to by pen testers and security professionals for industry best practices when discussing web app pen testing. Security misconfiguration is just one of the OWASP Top 10 items.
Why You Should Care -
Security misconfigurations can be due to simple oversight, such as leaving default usernames and passwords in place or leaving ports open. These oversights can be simple mistakes, or they can come from not having the expertise to understand the risk of leaving these items as-is. A simple configuration error can easily allow an attacker to make their way into your network.
Read Mike Miller's blog on OWASP's Security Misconfigurations HERE.