A broad OWASP Top 10 software development category representing missing, ineffective, or unforeseen security measures.