Secure by Design

A regular digest of useful info about Secure by Design – what it is, why it matters, and tips on proactive security.

Part Four

Unlocking the OWASP ASVS for Secure by Design

Coming soon

Part Five

Staying ahead: the importance of proactive security in software development

Coming soon

Part Six

Harnessing AI for proactive security in Secure by Design

Coming soon

Part Seven

Overcoming common challenges in implementing Secure by Design

Coming soon

Part Eight

Cultivating a security-first culture for Secure by Design

Coming soon

Part Nine

Navigating security compliance and standards for Secure by Design

Coming soon

Part Ten

The economics of secure software development

Coming soon

Part Eleven

Real-world success stories of Secure by Design

Coming soon

Part Twelve

The future of secure software development

Coming soon

Part Three

04 Mar 25

If you're struggling to know where to start with Secure by Design, there are few better places than the OWASP Top 10 - but what is it and why does it matter?

05 Mar 25

It's number one on OWASP's Top 10, but what exactly is 'Broken Access Control'? Let’s take a look.

06 Mar 25

Cryptographic Failures, number two on OWASP's Top 10, is one of the easiest categories to find real-world examples of damaging attacks for. But what exactly are they, and where can you start in preventing them?

11 Mar 25

Injection vulnerabilities have been a security risk for decades - and they're still a major issue today, appearing in the number three slot on the OWASP Top 10. Let's take a closer look at what they are.

12 Mar 25

Insecure design is one of the most fundamental security risks in the OWASP Top 10, and a big inspiration for building Perceptive. But what exactly is it? Let’s take a look.

13 Mar 25

Did you know that misconfigurations are one of the most common and overlooked security risks in modern apps? So much so that OWASP ranks them at no.5 in its Top 10. But what exactly is security misconfiguration, how is it exploited, and - most importantly - how can you prevent it?

18 Mar 25

Outdated components are a silent security risk - but one that attackers love to exploit. That's why OWASP ranks them at no.6 in its Top 10. But what exactly is the risk, how do attackers take advantage of it, and how can you prevent it?

19 Mar 25

Ranking no.7 on OWASP's Top 10, identification and authentication failures cover insecure practices in user authentication. But what exactly falls under this category, how do attackers abuse it, and how can you prevent it?

20 Mar 25

A newer addition to the OWASP Top 10, software and data integrity failures (no.8) focus on supply chain risks, unverified updates, and tampered data. When applications fail to check the authenticity and integrity of code, configurations, or dependencies, attackers exploit this trust to insert malicious software, hijack pipelines, or deploy unauthorised code.

26 Mar 25

Security logging and monitoring failures rank no.9 on the OWASP Top 10 - and for good reason. If you're not capturing and reviewing key security events, attackers may breach your system and remain undetected for weeks or even months.

27 Mar 25

Server-Side Request Forgery (SSRF) might be last on the OWASP Top 10, but it's far from low risk. By tricking a server into making unintended requests, attackers can bypass firewalls, steal cloud credentials, or pivot deeper into internal systems. Let's break it down.

Logical Peak Ltd. ©