Security
All SWE patterns tagged with Primary Impact: Security
Insufficient Permission Granularity in Schema
Schema designs that lack proper permission granularity, allowing broad access to data through single permission grants. This includes friend-of-friend...
Security Audit Trail Schema Weakness
Schemas that lack proper audit trail tables or security event logging structures, making it impossible to detect breaches, investigate incidents, or m...
Insufficient Security Isolation in Schema
Schema designs that fail to isolate high-value or sensitive data from less critical data, creating single points of failure where compromise of one co...
API Rate Limiting and Enumeration Weakness
APIs that lack proper rate limiting, use predictable identifiers (sequential IDs), and don't verify authorization for each request. This allows attack...
Cloud IAM Permission Overreach
Cloud IAM roles and policies configured with excessive permissions, violating the principle of least privilege. This includes EC2 instances with broad...
Third-Party Integration Security Weakness
Security vulnerabilities introduced through third-party integrations, including excessive permissions granted to vendors, lack of activity monitoring,...