A regular digest of useful info about Secure by Design – what it is, why it matters, and tips on proactive security.
04 Mar 25
If you're struggling to know where to start with Secure by Design, there are few better places than the OWASP Top 10 - but what is it and why does it matter?
05 Mar 25
It's number one on OWASP's Top 10, but what exactly is 'Broken Access Control'? Let’s take a look.
06 Mar 25
Cryptographic Failures, number two on OWASP's Top 10, is one of the easiest categories in which to find real-world examples of damaging attacks. But what exactly are they, and where can you start in preventing them?
11 Mar 25
Injection vulnerabilities have been a security risk for decades - and they're still a major issue today, appearing in the number three slot on the OWASP Top 10. Let's take a closer look at what they are.
12 Mar 25
Insecure design is one of the most fundamental security risks in the OWASP Top 10, and a big inspiration for building Perceptive. But what exactly is it? Let’s take a look.
13 Mar 25
Did you know that misconfigurations are one of the most common and overlooked security risks in modern apps? So much so that OWASP ranks them at no.5 in its Top 10. But what exactly is security misconfiguration, how is it exploited, and - most importantly - how can you prevent it?
18 Mar 25
Outdated components are a silent security risk - but one that attackers love to exploit. That's why OWASP ranks them at no.6 in its Top 10. But what exactly is the risk, how do attackers take advantage of it, and how can you prevent it?
19 Mar 25
Ranking no.7 on OWASP's Top 10, identification and authentication failures cover insecure practices in user authentication. But what exactly falls under this category, how do attackers abuse it, and how can you prevent it?
20 Mar 25
A newer addition to the OWASP Top 10, software and data integrity failures (no.8) focus on supply chain risks, unverified updates, and tampered data. When applications fail to check the authenticity and integrity of code, configurations, or dependencies, attackers exploit this trust to insert malicious software, hijack pipelines, or deploy unauthorised code.
26 Mar 25
Security logging and monitoring failures rank no.9 on the OWASP Top 10 - and for good reason. If you're not capturing and reviewing key security events, attackers may breach your system and remain undetected for weeks or even months.
27 Mar 25
Server-Side Request Forgery (SSRF) might be last on the OWASP Top 10, but it's far from low risk. By tricking a server into making unintended requests, attackers can bypass firewalls, steal cloud credentials, or pivot deeper into internal systems. Let's break it down.
Logical Peak Ltd. ©