application-security

Least Privilege

Principle of Least Privilege

Definition

The principle of least privilege dictates that users, processes, and systems should be granted only the minimum permissions necessary to perform their functions. Applying least privilege limits the blast radius when credentials are compromised or a component is exploited.

It applies across all layers: OS user accounts, database permissions, API scopes, IAM roles, and network access controls.

Related Terms

Defense in Depth

RBAC

Role-Based Access Control

ZTA

Zero Trust Architecture

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product