In this blog we are going to learn about the security misconfiguration from the OWASP top 10 .we are learning this from past month and today we cam to the 7th one lets learn about misconfiguration through the picture.
API security anti-pattern for Security Misconfiguration
Security misconfiguration is commonly a result of
insecure default configurations
incomplete or ad-hoc configurations
open cloud storage
misconfigured HTTP headers
unnecessary HTTP methods
permissive Cross-Origin resource sharing (CORS)
and verbose error messages containing sensitive information
The good thing is, that it is relatively easy to fix security misconfiguration and considerably improve the API security as a result.