OWASP Top Ten - Security Misconfiguration

Security configuration errors can occur in an application, including platform, web server, application server, database, architecture, and custom code. Attackers give priority to authorized access to the system by accessing accounts, unused web pages, vulnerabilities of uninstalled patches, protected files and directories, etc.

Impact

The system may be completely compromised under unknown circumstances, and user data may be stolen or tampered with over time. Even lead to complete destruction of the entire system

Prevent

1. Automated installation and deployment
2. Know and deploy every temporary software update and patch information in time
3. Implement breakthrough scanning and security audits