# What you'll learn

After watching this video, you will be able to: 
* Describe Insecure Design, security misconfiguration, and vulnerable and outdated components.
* Explain prevention strategies for insecure design, security misconfiguration, and vulnerable, outdated components.

# What is Insecure Design?

![image.png](attachment:31e3f3a4-58a5-45d1-a6e1-d547597984fe.png)

* Insecure design generally refers to the lack of effective security controls in the design phase of an application.
* This often results in a vulnerable application that’s susceptible to attacks.
* For example, an insecurely designed application may have no firewall and no mechanisms in place to prevent brute-force attacks, OTP (One-Time Password) bypass, and other cyber threats.
* Insecure design covers risks that stem from the design of the web application itself, including any architectural flaws that might be present.
* Even perfect implementations can’t remedy an unsafe design.

# Broken access control prevention

![image.png](attachment:7915fb99-21a1-4f4b-8481-f88fb8947676.png)

* Attackers continually search for vulnerabilities to exploit in your application.
* Security measures are needed to protect against specific attacks and should be considered and implemented as part of the design phase.
* Implementing firewalls and designing other security measures during the design phase of your application will help prevent attacks.
* The use of appropriate security strategies is essential for avoiding insecure design.
* Designing with security in mind ensures your application is as secure as it can be, right from the start.

# Improper error-handling

![image.png](attachment:c4ecdf7c-ad49-4d10-be11-1bc1aaac5b1f.png)

* Error messages are an important part of application development and troubleshooting.
* If something goes wrong with your app, error messages help you fix problems, resulting in an improved user experience.
* But if errors aren’t handled securely, they could expose sensitive information, leading to vulnerabilities that an attacker could exploit.
* Improper error handling in your code could reveal server software version details, where configuration files holding credentials are located, directory structure, system structure, and more.
* This could mean serious consequences for your organization, possibly resulting in data breaches, financial losses, fines, and tarnished reputation.
* Use a secure error-handler to write the details of an error in a log and provide friendly, safe messages to users that don’t reveal sensitive data.

# Improper error-handling examples

![image.png](attachment:63f521df-cd09-4ea1-abf8-b94004e7c1ec.png)

Let’s say there’s an error in the username or password input fields in your application.
* Displaying a factual error that the password is wrong, or the user ID is wrong, is harmful because the process of elimination tells the attacker that one of the entries is correct and they could use that information to their advantage.
* It’s better to state that the username and password entered are incorrect.
* This gives an attacker no indication that they possess all or part of a genuine user's credentials.

Here’s another example of improper error-handling when an application function has failed: 
* If an error message contains info about the structure of a database table used by the app, that gives the attackers all they need to carry out a SQL injection attack – exposing valuable data such as passwords, account numbers, and credit cards.
* A better way to handle this condition is to have the application write a user-friendly error message to the application user interface (or UI), while also writing a more detailed error in a log that is useful for troubleshooting purposes.
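The two cases above (a login failure and a failed database call) as an added example, not code from the video. The user store, the simulated query error, and the correlation-id scheme are constructed for illustration; `login_insecure` is the "before" case the video warns against.

```python
import hmac
import logging
import uuid

log = logging.getLogger("auth")
logging.basicConfig(level=logging.INFO)

# Constructed in-memory user store (plaintext for brevity; real systems store a password hash).
USERS = {"alice": "correct-horse-battery"}

GENERIC_LOGIN_ERROR = "The username or password you entered is incorrect."
GENERIC_APP_ERROR = "Something went wrong. Please try again later. Reference: {ref}"


def login_insecure(username: str, password: str) -> str:
    """The 'before' case: the message tells an attacker which field was right."""
    if username not in USERS:
        return "Unknown user ID."
    if USERS[username] != password:
        return "Wrong password."
    return "Welcome"


def login_secure(username: str, password: str) -> str:
    """One message for every failure; the reason is kept in the server log only."""
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored, password):
        reason = "unknown-user" if stored is None else "bad-password"
        log.info("login failed user=%r reason=%s", username, reason)  # defenders only
        return GENERIC_LOGIN_ERROR
    return "Welcome"


def run_query(sql: str) -> str:
    """Simulated data-access call that fails the way a DB driver would (constructed)."""
    raise RuntimeError('relation "accounts" has no column "card_number"')


def handle_request(sql: str) -> str:
    """Log the full exception under a correlation id; the user sees only the id."""
    try:
        return run_query(sql)
    except Exception:
        ref = uuid.uuid4().hex[:8]
        log.exception("query failed ref=%s", ref)  # detail and traceback go to the log
        return GENERIC_APP_ERROR.format(ref=ref)
```

Support staff can look up the reference id in the log to see the table and column names; the client never does.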

# What is security misconfiguration?

![image.png](attachment:5a436375-dcc3-4e18-8d5c-7e61a4e65431.png)

* Application security misconfiguration is a condition where overlooked configuration weaknesses exist in an application.
* Attackers take advantage of these weaknesses.
* These include developer features that are necessary during development, such as debug mode and QA features, but that are dangerously unsafe if not deactivated before deployment to a live production environment.
* Attackers can exploit these features and might be able to gain unauthorized access to sensitive information, possibly with elevated privileges.
* Applications containing unnecessary features may inadvertently grant users more permissions than they require.
* Users should only have the minimum permissions necessary to perform a task.
* Always follow the Principle of Least Privilege (or PoLP).

# How can you avoid these security misconfigurations? 

![image.png](attachment:c778c5da-40b9-426f-a57a-40697ae7992c.png)

* Aim for an application that is free of unneeded parts, features, and documentation.
* Remove any framework or features not needed, and do not expose default permissions publicly: keep them offline and private.
* During the design phase, check for default usernames, default settings, and permissions.
* Also check for backdoor accounts, configuration files in clear text, and other possible vulnerabilities.
* Remember that security misconfiguration can occur in any part of an application stack.
* Consider security at all levels, including the platform, web server, app server, database, and any custom code you use.
* Preventing security misconfiguration is a team effort and you should include system administrators as part of your strategy.
* By combining the expertise of both Developers and System Administrators, you can ensure the entire stack is properly configured and kept up-to-date.
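An added example (not from the video) of the checks the two sections above describe, run over a settings dictionary: debug and QA features left on, default usernames, weak or cleartext credentials, and world-writable permissions. The settings, the default-username list and the threshold values are constructed assumptions for illustration.

```python
import re

# Constructed production settings, modelled on a typical web-framework config (not a real app).
PRODUCTION_SETTINGS = {
    "DEBUG": True,
    "ENV": "production",
    "ADMIN_USER": "admin",
    "ADMIN_PASSWORD": "admin",
    "DATABASE_URL": "postgres://app:s3cr3tpass@db.internal/app",
    "ENABLE_QA_ENDPOINTS": True,
    "UPLOAD_DIR_MODE": "0777",
}

# Account names commonly shipped as defaults (assumption: extend this per stack).
DEFAULT_USERNAMES = {"admin", "root", "test", "guest"}
CLEARTEXT_URL_CRED = re.compile(r"://[^/:@]+:[^@/]+@")  # user:password@ inside a URL


def audit_settings(settings: dict) -> list:
    """Return one finding per misconfiguration; an empty list means the checks passed."""
    findings = []
    if settings.get("DEBUG") and settings.get("ENV") == "production":
        findings.append("DEBUG enabled in production: disable before deployment")
    if settings.get("ENABLE_QA_ENDPOINTS"):
        findings.append("QA endpoints enabled: remove them from the production build")
    user, pw = settings.get("ADMIN_USER"), settings.get("ADMIN_PASSWORD")
    if user in DEFAULT_USERNAMES:
        findings.append(f"default admin username {user!r}: rename or disable the account")
    if pw and (pw == user or pw in DEFAULT_USERNAMES or len(pw) < 12):
        findings.append("weak or default admin password: rotate it and store only a hash")
    for key, value in settings.items():
        if isinstance(value, str) and CLEARTEXT_URL_CRED.search(value):
            findings.append(f"{key} embeds a cleartext credential: move it to a secret store")
    mode = settings.get("UPLOAD_DIR_MODE")
    if mode and int(mode, 8) & 0o002:  # 'other' write bit set
        findings.append(f"UPLOAD_DIR_MODE {mode} is world-writable: apply least privilege")
    return findings


# The same settings corrected; the DB credential is expected from the environment instead.
HARDENED_SETTINGS = {
    **PRODUCTION_SETTINGS,
    "DEBUG": False,
    "ENABLE_QA_ENDPOINTS": False,
    "ADMIN_USER": "ops-console",
    "ADMIN_PASSWORD": "example-long-passphrase-2024",  # constructed placeholder
    "DATABASE_URL": "postgres://db.internal/app",
    "UPLOAD_DIR_MODE": "0750",
}
```

Running the audit in a CI step against the deployed configuration is one way to make the developer/sysadmin hand-off the video recommends checkable.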

# Vulnerable and outdated components

* Software applications, operating systems, platforms, and hardware constantly evolve.
* Bugfixes, the addition of new features, firmware updates, and patches are continually released to keep applications up-to-date and ensure functionality with changing technology.
* You must be familiar with the version of each component and nested dependencies used in your application, both client-side and server-side.
* If the core platform, supporting framework, dependencies, and directly used components aren’t regularly updated or upgraded in a timely fashion, they become outdated and leave your application vulnerable to attack.
* Fixes may be available that don’t make their way into your application leaving it vulnerable for days or even months before it gets patched.

# Avoiding risky components

![image.png](attachment:2dfadf2e-c996-4ba7-8930-205237abf66d.png)

* Keep your application free of unused dependencies and features: they add no functionality and could introduce risk if they become outdated or exploited.
* Create and maintain a list of installed components.
* Track nested dependencies.
* Track updated components for security awareness.
* Keep informed of the latest security risks and vulnerabilities as published by OWASP and CISA.
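An added example (not from the video) of the component list the two sections above call for: a dependency tree, including nested dependencies, is flattened into an inventory and compared against an advisory table. The package names, versions and advisories are all constructed for illustration; a real inventory would be generated from your package manager or SBOM tool and the advisories taken from OWASP/CISA feeds.

```python
# Constructed dependency tree: package -> (installed version, nested dependencies).
APP_DEPENDENCIES = {
    "webframework": ("2.1.0", {
        "templating": ("1.4.2", {"markupsafe": ("0.9.1", {})}),
        "httpclient": ("3.0.0", {"tlslib": ("1.0.5", {})}),
    }),
    "jsonlib": ("5.2.0", {}),
}

# Constructed advisory feed: package -> (first fixed version, note). Not real advisories.
ADVISORIES = {
    "markupsafe": ("1.0.0", "escaping bypass (constructed example)"),
    "tlslib": ("1.0.5", "certificate validation bug (constructed example)"),
    "jsonlib": ("5.3.0", "recursion DoS (constructed example)"),
}


def parse_version(v: str) -> tuple:
    """'1.4.2' -> (1, 4, 2) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in v.split("."))


def inventory(tree: dict, path: tuple = ()) -> dict:
    """Flatten the tree into {package: (version, chain of parents)}.

    Nested dependencies are recorded with the chain that pulled them in, which is
    what you need when a fix means upgrading the parent rather than the leaf.
    (If one package appears at several depths, the last occurrence wins.)"""
    out = {}
    for name, (version, children) in tree.items():
        out[name] = (version, path)
        out.update(inventory(children, path + (name,)))
    return out


def outdated(components: dict, advisories: dict) -> list:
    """Return (package, installed, first fixed, pulled in via) for every component
    whose installed version is below the first fixed version in the advisory table."""
    findings = []
    for name, (version, path) in components.items():
        if name in advisories:
            fixed, _note = advisories[name]
            if parse_version(version) < parse_version(fixed):
                findings.append((name, version, fixed, " > ".join(path) or "direct"))
    return findings
```

The `tlslib` entry shows the boundary case: a component already at the first fixed version is not reported.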

# Summary

![image.png](attachment:46e154d6-a5bf-427f-9458-67efbfb7f75c.png)

In this video, you learned that: 
* Insecure design refers to a lack of security controls in the design phase of application development.
* Implementing firewalls and other security measures is essential to protect your application from specific types of attacks.
* Look for and disable dangerous configuration weaknesses in your applications.
* Default usernames and passwords, default settings and permissions, backdoor accounts, and configuration files in clear text should be disabled.
* Security should be considered at all levels of the stack, including the platform, web server, app server, database, and any custom code you use.
* Include system administrators as part of your plan for designing and developing secure applications. 
* Know what’s included inside your app.
* Keep a checklist of components used and which versions are installed.
* Keep your app free of unused dependencies or features which could become vulnerabilities and keep informed of the latest security risks and vulnerabilities as published by OWASP and CISA.