Glossary

The principle of least privilege is a strategy that limits the access and capabilities of a user to the minimum necessary to perform their job duties. If a threat actor tricks a user into revealing their credentials, they cannot access higher-level functionality or data than the victim’s privileges allow.