What is Broken Access Control and Why Should You Care?
Too Long; Didn't Read
In 2021, Broken Access Control moved up from 5th place to the #1 spot on the OWASP Top 10 as “the most serious web application security risk.” Broken access control is a critical security vulnerability in which attackers can perform any action (access, modify, delete) outside of an application’s intended permissions. The design and management of access controls can be complex, and because access control decisions are made by humans, there is a high margin for error. As applications are increasingly built on APIs, it's important to understand the top security risks associated with these vulnerabilities.
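The following is an added example, not code from the original article. It contrasts a handler that performs no authorization check with handlers that enforce a deny-by-default, per-object check for each of the three actions named above (access, modify, delete). The store, users, role table and function names are all constructed for illustration, and `user` is assumed to come from the server-side session, never from the request.

```python
# Constructed sample data: two users' documents in a toy in-memory API backend.
DOCS = {
    1: {"owner": "alice", "body": "alice's notes"},
    2: {"owner": "bob", "body": "bob's payroll"},
}

# Deny by default: an action is allowed only if a role the caller holds lists it.
ROLE_ACTIONS = {
    "owner": {"access", "modify", "delete"},
    "admin": {"access", "delete"},
}


class Forbidden(Exception):
    """Raised when the caller is not permitted to perform the action."""


def get_doc_unchecked(store, user, doc_id):
    # Broken: trusts the client-supplied id and never compares caller to owner.
    return store[doc_id]["body"]


def authorize(store, user, action, doc_id):
    """Return the document if `user` may perform `action` on it, else raise."""
    doc = store.get(doc_id)
    if doc is None:
        raise Forbidden("denied")  # same answer for missing and foreign objects
    roles = set()
    if doc["owner"] == user["name"]:
        roles.add("owner")
    if user.get("is_admin"):
        roles.add("admin")
    if not any(action in ROLE_ACTIONS[role] for role in roles):
        raise Forbidden("denied")
    return doc


def get_doc(store, user, doc_id):
    return authorize(store, user, "access", doc_id)["body"]


def modify_doc(store, user, doc_id, body):
    authorize(store, user, "modify", doc_id)["body"] = body


def delete_doc(store, user, doc_id):
    authorize(store, user, "delete", doc_id)
    del store[doc_id]
```

Every data-touching handler goes through the single `authorize` function, so a new endpoint cannot skip the check by omission, and a caller with no matching role is refused without any special-case code.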