
What is the Principle of Least Privilege?

A security principle where users and programs receive only the minimum access rights needed to perform their specific tasks.

Least privilege limits the damage a compromised account, a software bug, or a malicious insider can do: an attacker who takes over a process inherits only the rights that process actually needed, not everything the host, database, or cloud account offers. In practice it means database users with table-specific permissions instead of superuser rights, application service accounts restricted to the files and directories they actually use, IAM roles that allow specific actions on specific resources rather than wildcards, sudo rules that permit named commands instead of ALL, container processes that run as a non-root user, and API keys scoped to the operations a client needs. In PostgreSQL, for example, GRANT SELECT ON specific_table TO app_user is preferred over granting all privileges on the database. The principle applies at every layer: operating system, database, application, API, and cloud infrastructure. Because permissions tend to accumulate over time (privilege creep), regular access reviews are needed to find and remove rights that are no longer used.
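The PostgreSQL grant above is only half the job, because PostgreSQL hands out some rights to every role by default (CONNECT on each database, and before version 15 CREATE on the public schema). The following script is an added example, not code from the original page: it sets up a least-privilege application role and then verifies it. The database name shop, the role app_user, and the tables orders, customers and audit_log are assumed names for illustration. Run it in psql as the database owner or a superuser.

```sql
-- Added example (not from the original page). Assumed names: database shop,
-- role app_user, tables orders, customers, audit_log.
-- Schema objects are created by the privileged session (the owner), never by
-- the application role: an app that owns its tables can also drop them.
CREATE TABLE orders    (id bigserial PRIMARY KEY, customer_id bigint NOT NULL, total numeric NOT NULL);
CREATE TABLE customers (id bigserial PRIMARY KEY, email text NOT NULL, ssn text);
CREATE TABLE audit_log (id bigserial PRIMARY KEY, at timestamptz DEFAULT now(), event text NOT NULL);

-- Anti-pattern: a superuser login for the application. Any SQL injection or
-- leaked credential now yields the whole cluster, including other databases.
-- CREATE ROLE app_user LOGIN PASSWORD 'change-me' SUPERUSER;

-- Least privilege: a plain login role with every optional capability switched off.
CREATE ROLE app_user LOGIN PASSWORD 'change-me'
    NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT;

-- Remove the implicit defaults granted to PUBLIC (every role); otherwise the
-- role can connect to databases and create tables in public without a GRANT.
REVOKE ALL    ON DATABASE shop   FROM PUBLIC;
REVOKE CREATE ON SCHEMA   public FROM PUBLIC;

-- Grant only the path the application needs: connect -> use schema -> touch
-- named tables, with the minimum privilege type on each.
GRANT CONNECT ON DATABASE shop   TO app_user;
GRANT USAGE   ON SCHEMA   public TO app_user;
GRANT SELECT  ON public.orders   TO app_user;            -- read-only
GRANT SELECT (id, email) ON public.customers TO app_user; -- column-level: ssn stays hidden
GRANT INSERT  ON public.audit_log TO app_user;           -- append-only, no SELECT/UPDATE/DELETE
GRANT USAGE   ON SEQUENCE public.audit_log_id_seq TO app_user; -- needed for bigserial inserts

-- Verification: act as the role and confirm the boundary holds.
SET ROLE app_user;
SELECT id, total FROM orders LIMIT 1;                -- allowed
SELECT id, email FROM customers LIMIT 1;             -- allowed (granted columns only)
INSERT INTO audit_log (event) VALUES ('login ok');   -- allowed
-- Each of the following fails with "permission denied" (exact wording varies by version):
-- DELETE FROM orders;
-- SELECT ssn FROM customers;
-- SELECT * FROM audit_log;
-- CREATE TABLE scratch (x int);
RESET ROLE;

-- Access review: list exactly what app_user holds, so a grant that crept in
-- later (e.g. a hurried GRANT ALL during an incident) shows up.
SELECT grantee, table_name, privilege_type
FROM   information_schema.role_table_grants
WHERE  grantee = 'app_user'
ORDER  BY table_name, privilege_type;
```

The same shape recurs at other layers: define the role with nothing, remove anything inherited by default, grant named actions on named objects, then test both the allowed and the denied path and keep the review query in a scheduled job rather than running it once.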

Related Terms

Firewall Rules
Configuration entries that define which network traffic is allowed or blocked based on source, destination, port, and protocol.
Supply Chain Attack
A cyberattack that targets less-secure elements in the software supply chain to compromise downstream users and organizations.
XSS (Cross-Site Scripting)
An attack that injects malicious scripts into web pages viewed by other users, potentially stealing data or session tokens.
PKI (Public Key Infrastructure)
A framework of policies, hardware, and software for creating, managing, distributing, and revoking digital certificates.
DDoS (Distributed Denial of Service)
An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.
SIEM (Security Information and Event Management)
A platform that collects, correlates, and analyzes security events from across an organization to detect threats and incidents.