
What is Principle of Least Privilege?

A security principle where users and programs receive only the minimum access rights needed to perform their specific tasks.

Least privilege limits the damage a compromised account, a bug, or a malicious insider can do, because whatever is abused can only reach what the task itself needed. Typical implementations:

- database users with table-specific permissions rather than a superuser role
- application service accounts with restricted file system access
- IAM roles limited to specific actions on specific resources
- sudo rules for specific commands rather than ALL
- container processes running as a non-root user
- API keys with scoped permissions

In PostgreSQL, for example, GRANT SELECT ON specific_table TO app_user is preferred over granting all privileges. The principle applies at every level: operating system, database, application, API, and cloud infrastructure. Because privileges tend to accumulate over time, regular access reviews are needed to keep them minimal.
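The PostgreSQL case above, worked through as an added example (not code from the original page): the over-privileged grant beside a least-privilege setup, followed by the check an access review would run. The names app_user and specific_table come from the text; the database name appdb, the schema app, and the password placeholder are assumptions.

```sql
-- Added example (assumed names): least privilege for a PostgreSQL application role.
-- Assumes database "appdb" with schema "app" containing table "specific_table".

-- Over-privileged pattern: one superuser-like role for everything.
-- A leaked credential or SQL injection then owns the entire database.
-- CREATE ROLE app_user LOGIN SUPERUSER;
-- GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA app TO app_user;

-- Least-privilege pattern: a plain login role that gets only what the app needs.
CREATE ROLE app_user LOGIN PASSWORD 'PLACEHOLDER-set-from-secret-manager';

-- Start from nothing: PUBLIC gets CONNECT/TEMP on a database by default.
REVOKE ALL ON DATABASE appdb FROM PUBLIC;
REVOKE ALL ON SCHEMA app FROM PUBLIC;

-- Grant exactly the path to one table, read-only: no INSERT/UPDATE/DELETE, no DDL.
GRANT CONNECT ON DATABASE appdb TO app_user;
GRANT USAGE ON SCHEMA app TO app_user;
GRANT SELECT ON app.specific_table TO app_user;

-- Access review: list every table privilege app_user holds.
-- Expected after the grants above: one row, app / specific_table / SELECT.
SELECT table_schema, table_name, privilege_type
FROM information_schema.table_privileges
WHERE grantee = 'app_user'
ORDER BY 1, 2, 3;

-- Point checks that can run in a CI job against the provisioned database:
-- the first should return true, the second false.
SELECT has_table_privilege('app_user', 'app.specific_table', 'SELECT');
SELECT has_table_privilege('app_user', 'app.specific_table', 'INSERT');
```

The review query is the part to schedule: rerunning it and diffing against the expected single row catches privileges that were added later and never removed.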

Related Terms

WAF (Web Application Firewall)
A security solution that filters and monitors HTTP traffic between a web application and the internet, blocking common attacks.
CORS (Cross-Origin Resource Sharing)
A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.
Security Audit
A systematic examination of an information system to assess compliance with security policies, identify vulnerabilities, and verify controls.
Phishing
A social engineering attack that uses fraudulent communications to trick people into revealing sensitive information or installing malware.
SOC (Security Operations Center)
A centralized team and facility responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats 24/7.
Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.