Security Fundamentals & OWASP
OWASP Top 10 2025: A06-A10 & LLM Top 10
Completing our OWASP coverage with the remaining five web vulnerabilities plus the LLM-specific risks that are increasingly tested in AI security roles.
A06:2025 - Insecure Design
Rank: #6 (was #4 in 2021)
Flaws in the design phase that cannot be fixed by perfect implementation.
Design Flaws vs Implementation Bugs
| Category | Example | Fix |
|---|---|---|
| Insecure Design | No rate limiting designed | Redesign with rate limiting |
| Implementation Bug | Rate limiter bypass | Fix the code |
Interview Scenario
Q: "Design a password reset flow. What security considerations matter?"
Strong Answer:
- Token generation: Cryptographically random, 32+ bytes
- Token expiration: Short-lived (15-60 minutes)
- Single use: Invalidate after use
- Rate limiting: Prevent enumeration
- No user info in URL: Token only
- Secure delivery: Email, not SMS
- Account lockout: After N failed attempts
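The considerations above, carried through as an added example that is not part of the original page: a reset token is generated from a CSPRNG, stored only as a hash, expires after 15 minutes, is single use, and requests are rate limited per account. The in-memory stores, the TTL and the request limit are assumptions for the example.

```python
import hashlib
import secrets
from typing import Optional

# Constructed in-memory stores standing in for the application's database (assumption).
_tokens = {}     # sha256(token) -> {"user": str, "expires": float, "used": bool}
_requests = {}   # account -> timestamps of recent reset requests (for rate limiting)

TOKEN_TTL_SECONDS = 15 * 60   # short-lived, at the low end of the 15-60 minute range above
MAX_REQUESTS_PER_HOUR = 3     # rate limit on reset requests per account


def _hash(token: str) -> str:
    # Only the hash is stored, so a leaked token table cannot be used to reset passwords.
    return hashlib.sha256(token.encode()).hexdigest()


def request_reset(account: str, now: float) -> Optional[str]:
    """Issue a reset token for `account`, or None if the account is rate limited.

    The caller delivers the token out of band (e.g. by email); the account name
    never goes into the reset URL, only the token does."""
    window = [t for t in _requests.get(account, []) if now - t < 3600]
    if len(window) >= MAX_REQUESTS_PER_HOUR:
        _requests[account] = window
        return None
    _requests[account] = window + [now]
    token = secrets.token_urlsafe(32)   # 32 random bytes from a CSPRNG
    _tokens[_hash(token)] = {"user": account, "expires": now + TOKEN_TTL_SECONDS, "used": False}
    return token


def redeem_reset(token: str, now: float) -> Optional[str]:
    """Return the account a token belongs to, or None if it is unknown, expired or already used."""
    rec = _tokens.get(_hash(token))
    if rec is None or rec["used"] or now > rec["expires"]:
        return None
    rec["used"] = True   # single use: a replayed token is rejected
    return rec["user"]
```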
A07:2025 - Authentication and Identification Failures
Rank: #7 (unchanged)
Weaknesses in authentication mechanisms and session management.
Common Failures
| Failure | Risk | Mitigation |
|---|---|---|
| Weak passwords | Credential stuffing | Password policies, breach checks |
| Missing MFA | Account takeover | Require MFA for sensitive actions |
| Session fixation | Session hijacking | Regenerate session on auth |
| Credential exposure | Mass compromise | Secure storage, rotation |
Interview Code Review
```python
# Find the vulnerabilities
# Flask-style handler: db, session and redirect come from the application context (assumed).
def login(username, password):
    user = db.query(f"SELECT * FROM users WHERE username='{username}'")  # Issue 1: SQL injection (string-formatted query)
    if user and user.password == password:  # Issue 2: plaintext password comparison, no hashing
        session['user_id'] = user.id  # Issue 3: no session regeneration (session fixation)
        return redirect('/dashboard')
    return "Invalid credentials"  # Issue 4: generic error is OK (no username enumeration)
```
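The same login with issues 1 to 3 fixed, as an added example that is not part of the original page: a parameterised query, a salted slow hash compared in constant time (with a dummy hash for unknown users so timing does not reveal which accounts exist), and a fresh session identifier on successful authentication. The in-memory SQLite table and the plain-dict session are assumptions; `pbkdf2_hmac` stands in for argon2 or bcrypt so the example needs only the standard library.

```python
import hashlib
import hmac
import secrets
import sqlite3

# Constructed in-memory user store standing in for the application's database (assumption).
db = sqlite3.connect(":memory:")
db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, salt BLOB, pw_hash BLOB)")


def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, deliberately slow hash (stdlib stand-in for argon2/bcrypt).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def create_user(username: str, password: str) -> None:
    salt = secrets.token_bytes(16)
    db.execute("INSERT INTO users (username, salt, pw_hash) VALUES (?, ?, ?)",
               (username, salt, hash_password(password, salt)))


def login(username: str, password: str, session: dict) -> bool:
    # Fix 1: parameterised query; the username can no longer change the SQL.
    row = db.execute("SELECT id, salt, pw_hash FROM users WHERE username = ?", (username,)).fetchone()
    # Fix 2: compare hashes in constant time, and do the same work for unknown users
    # so the response time does not reveal whether the account exists.
    salt, stored = (row[1], row[2]) if row else (b"\x00" * 16, b"\x00" * 32)
    ok = hmac.compare_digest(hash_password(password, salt), stored) and row is not None
    if not ok:
        return False   # one generic failure for wrong user and wrong password alike
    # Fix 3: drop the pre-authentication session and issue a new identifier,
    # so a session id fixed by an attacker before login is worthless.
    session.clear()
    session["id"] = secrets.token_urlsafe(32)
    session["user_id"] = row[0]
    return True
```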
A08:2025 - Software and Data Integrity Failures
Rank: #8
Failures to verify integrity of code, data, or configurations.
Attack Scenarios
| Scenario | Description | Defense |
|---|---|---|
| Unsigned updates | Malicious update pushed | Code signing, verification |
| Insecure deserialization | RCE via object injection | Avoid deserialization of untrusted data |
| CI/CD tampering | Build pipeline compromise | Signed commits, immutable artifacts |
```python
# Vulnerable deserialization
import pickle

def process_data(serialized):
    return pickle.loads(serialized)  # RCE if attacker controls input
```

```python
# Safer alternative
import json

def process_data(serialized):
    return json.loads(serialized)  # Only data, no code execution
```
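The "unsigned updates" and "immutable artifacts" rows above, as an added example that is not part of the original page: an update is accepted only when its manifest signature verifies and the artifact matches the digest pinned in that manifest. A shared-secret HMAC stands in for the publisher's signing key so the example runs with the standard library (an assumption; real code signing uses an asymmetric signature), and the artifact and manifest are constructed samples.

```python
import hashlib
import hmac
import json

# Assumption: shared secret in place of an asymmetric publisher key, for a stdlib-only example.
PUBLISHER_KEY = b"constructed-example-key"


def canonical(manifest: dict) -> bytes:
    # Fixed serialisation so the same manifest always signs to the same bytes.
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(manifest: dict, key: bytes = PUBLISHER_KEY) -> str:
    return hmac.new(key, canonical(manifest), hashlib.sha256).hexdigest()


def verify_artifact(manifest: dict, signature: str, artifact: bytes, key: bytes = PUBLISHER_KEY) -> bool:
    """True only if the manifest is authentic AND the artifact matches its pinned digest."""
    # 1. Verify the manifest before trusting anything it says (constant-time compare).
    if not hmac.compare_digest(sign_manifest(manifest, key), signature):
        return False
    # 2. The artifact must match the pinned digest; a swapped or modified file fails here.
    actual = hashlib.sha256(artifact).hexdigest()
    return hmac.compare_digest(actual, manifest.get("sha256", ""))


# Constructed sample update and its signed manifest.
ARTIFACT = b"print('agent 1.2.3 installed')\n"
MANIFEST = {"name": "agent", "version": "1.2.3", "sha256": hashlib.sha256(ARTIFACT).hexdigest()}
SIGNATURE = sign_manifest(MANIFEST)
```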
A09:2025 - Security Logging and Alerting Failures
Rank: #9 (expanded from "Insufficient Logging")
Logs without alerting and action provide limited value.
What to Log
| Event | Priority | Retention |
|---|---|---|
| Login attempts (success/fail) | High | 90 days |
| Access control failures | High | 90 days |
| Input validation failures | Medium | 30 days |
| System errors | Medium | 30 days |
Interview Question
Q: "What would you log for a financial transaction API?"
Answer:
```json
{
  "timestamp": "2026-01-05T10:30:00Z",
  "event_type": "TRANSACTION",
  "user_id": "hashed_user_123",
  "action": "TRANSFER",
  "amount": 1000.00,
  "source_ip": "192.168.1.1",
  "user_agent": "Mozilla/5.0...",
  "request_id": "uuid-xxx",
  "result": "SUCCESS",
  "latency_ms": 45
}
```
Key: Log enough for investigation but never log sensitive data (passwords, full card numbers, PII).
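Both halves of A09 in one added example that is not part of the original page: building the transaction record above with sensitive fields dropped and the user id pseudonymised, then running a simple alert rule over the resulting log lines. The sensitive-field list, the alert threshold and the sample events (including the well-known test card number) are constructed for the example.

```python
import hashlib
import json
from collections import defaultdict

SENSITIVE_KEYS = {"password", "card_number", "cvv", "ssn"}   # never written to a log line


def pseudonymise(user_id: str) -> str:
    # Stable pseudonym: events for one user still correlate, the raw id is not logged.
    return "u_" + hashlib.sha256(user_id.encode()).hexdigest()[:16]


def transaction_log_record(event: dict) -> str:
    """Serialise one transaction event as a JSON log line, minus sensitive data."""
    rec = {k: v for k, v in event.items() if k not in SENSITIVE_KEYS}
    rec["user_id"] = pseudonymise(event["user_id"])
    if "card_number" in event:
        rec["card_last4"] = event["card_number"][-4:]   # enough to investigate, not to reuse
    return json.dumps(rec, sort_keys=True)


def failed_transfer_alerts(log_lines, threshold: int = 3):
    """The alerting half: users with `threshold` or more failed transfers in the given lines."""
    failures = defaultdict(int)
    for line in log_lines:
        rec = json.loads(line)
        if rec.get("action") == "TRANSFER" and rec.get("result") == "FAILURE":
            failures[rec["user_id"]] += 1
    return sorted(user for user, n in failures.items() if n >= threshold)


# Constructed sample events: three failed transfers followed by a success for one user.
SAMPLE_EVENTS = [
    {"timestamp": "2026-01-05T10:30:00Z", "event_type": "TRANSACTION", "user_id": "user_123",
     "action": "TRANSFER", "amount": 1000.00, "source_ip": "192.168.1.1",
     "card_number": "4111111111111111", "result": result}   # standard test card number
    for result in ("FAILURE", "FAILURE", "FAILURE", "SUCCESS")
]
```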
A10:2025 - Mishandling of Exceptional Conditions
Rank: #10 (NEW)
When applications don't handle unexpected situations properly.
Common Issues
| Issue | Example | Impact |
|---|---|---|
| Unhandled exceptions | Stack trace in response | Information disclosure |
| Resource exhaustion | No timeout on operations | DoS |
| Race conditions | TOCTOU vulnerabilities | Privilege escalation |
| Fail-open designs | Allow on error | Security bypass |
```python
# Fail-open (WRONG)
def check_authorization(user, resource):
    try:
        return authorization_service.check(user, resource)
    except Exception:
        return True  # DANGER: Fail-open
```

```python
# Fail-closed (CORRECT)
import logging

log = logging.getLogger(__name__)

def check_authorization(user, resource):
    try:
        return authorization_service.check(user, resource)
    except Exception as e:
        log.error(f"AuthZ check failed: {e}")
        return False  # Fail-closed is secure
```
OWASP LLM Top 10 2025
For AI security roles, know the LLM-specific vulnerabilities:
| Rank | Vulnerability | Description |
|---|---|---|
| LLM01 | Prompt Injection | Malicious prompts manipulating LLM behavior |
| LLM02 | Sensitive Information Disclosure | LLM revealing training data or secrets |
| LLM03 | Supply Chain | Compromised models, plugins, or training data |
| LLM05 | Improper Output Handling | XSS/injection via LLM output |
| LLM06 | Excessive Agency | LLM with too many permissions |
| LLM07 | System Prompt Leakage | Exposing system instructions |
| LLM08 | Vector and Embedding Weaknesses | RAG poisoning attacks |
Interview Question (AI Security Role)
Q: "How would you prevent prompt injection attacks?"
Answer:
- Input sanitization and filtering
- Output encoding before rendering
- Privilege separation (LLM can't execute code directly)
- Prompt/completion separation
- Rate limiting and monitoring
- Human-in-the-loop for sensitive actions
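The privilege-separation, output-encoding and human-in-the-loop points above, as an added example that is not part of the original page: the model's completion is treated as untrusted data, only allowlisted tools can run, transfers above a limit are refused outright, sensitive actions wait for a human, and any free text is HTML-escaped before rendering. The JSON completion shape, tool names and limit are assumptions for the example.

```python
import html
import json

# Assumption: the model is instructed to answer with {"tool": ..., "args": {...}, "reply": "..."}.
ALLOWED_TOOLS = {"lookup_balance", "transfer_funds"}
NEEDS_APPROVAL = {"transfer_funds"}   # sensitive actions go to a human first
MAX_TRANSFER = 500.0


def gate_model_output(raw: str, approved_by_human: bool = False) -> dict:
    """Decide what the application does with one completion.

    The model never executes anything itself; this function is the only path to a tool,
    so a successful prompt injection can at most request an action the gate allows."""
    try:
        out = json.loads(raw)
    except json.JSONDecodeError:
        return {"status": "rejected", "reason": "completion is not the expected JSON shape"}
    if not isinstance(out, dict):
        return {"status": "rejected", "reason": "completion is not a JSON object"}
    reply = html.escape(str(out.get("reply", "")))   # output encoding before rendering
    tool = out.get("tool")
    args = out.get("args") or {}
    if tool is None:
        return {"status": "reply_only", "reply": reply}
    if tool not in ALLOWED_TOOLS or not isinstance(args, dict):
        return {"status": "rejected", "reason": f"tool {tool!r} not permitted", "reply": reply}
    if tool == "transfer_funds" and float(args.get("amount", 0)) > MAX_TRANSFER:
        return {"status": "rejected", "reason": "amount over limit", "reply": reply}
    if tool in NEEDS_APPROVAL and not approved_by_human:
        return {"status": "pending_approval", "tool": tool, "args": args, "reply": reply}
    return {"status": "execute", "tool": tool, "args": args, "reply": reply}
```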
For AI Security Roles: The LLM Top 10 is now standard interview material. Expect detailed questions on prompt injection and RAG security.
Next, we'll cover cryptography essentials for security interviews.