In this blog we are going to learn about the security misconfiguration from the OWASP top 10 .we are learning this from past month and today we cam to the 7th one lets learn about misconfiguration through the picture.
API security anti-pattern for Security Misconfiguration
Security misconfiguration is commonly a result of
- insecure default configurations
- incomplete or ad-hoc configurations
- open cloud storage
- misconfigured HTTP headers
- unnecessary HTTP methods
- permissive Cross-Origin resource sharing (CORS)
- and verbose error messages containing sensitive information
The good thing is, that it is relatively easy to fix security misconfiguration and considerably improve the API security as a result.
If you have any doubts please ping me in instagram.(__fazalurrahman__)