Litcius/Paper detail

Security misconfigurations and how to prevent them

Sergio Loureiro

2021Network Security20 citationsDOI

Abstract

Security misconfigurations present serious trouble when security settings are not properly defined and implemented and default values are retained. Usually, this means the configuration settings do not comply with industry security standards such as the Center for Internet Security (CIS) benchmarks, OWASP Top 10 etc, which are critical to ensuring smooth business continuity, security maintenance and a reduction in business risk. 1,2 Security misconfigurations present serious trouble when security settings are not properly defined and implemented and default values are retained. For a seasoned cyber criminal, misconfigurations present easy targets, as it's often simple to detect misconfigured web servers, cloud instances and applications, which then become exploitable. Sergio Loureiro of SecludIT explains that it's important to ensure that your technology stack is built with security by design.

Topics & Concepts

Computer scienceComputer securityCloud computingOperating systemNetwork Security and Intrusion DetectionInformation and Cyber SecuritySoftware System Performance and Reliability