Module 5: Secure Design Principles Core Principles Least privilege. Fail-safe defaults. Defense in depth. Secure by default. Economy of mechanism (simplicity). Patterns Zero trust architecture. Secure session management. Pitfalls Overly complex security mechanisms. Ignoring usability → leads to workarounds.