API Threat Protection Another BOLA API Security Lesson Learned from the Leaky John Deere APIs April 28, 2021 — Lebin Cheng BOLA stands for Broken Object Level Authorization (BOLA), the top API security issue of the OWASP API Security Top 10. Some say it is similar in spirit to [...] api-breach, api-threat-protection, owasp-api-top10, owasp-api1
API Threat Protection API Object Vulnerability In Facebook Pages Allowed Creation of Ghost FB Posts January 26, 2021 — Sekhar Chintaginjala API Object Vulnerability In Facebook Pages Allowed Creation of Ghost FB Posts A critical Broken Object Level Authorization vulnerability in Facebook Pages was revealed [...] api-breach, owasp-api1
API Threat Protection OWASP API Security Top 10 – Broken Object Level Authorization June 30, 2020 — Sekhar Chintaginjala OWASP API Security Top 10 – Broken Object Level Authorization Broken Object Level Authorization (BOLA) is the top most in the list of OWASP Top [...] owasp-api-top10, owasp-api1
API Threat Protection How a Trusted Client Hides API Vulnerability? June 11, 2020 — Lebin Cheng How a Trusted Client Hides API Vulnerability? A Case for Service Side Monitoring/Testing A critical vulnerability in Apple “Sign Me In” feature was reported last [...] api-breach, owasp-api-top10, owasp-api1
API Threat Protection What Went Down At USPS Data Breach? Only CloudVector Could Have Prevented November 27, 2018 — Ravi Balupari What Went Down At USPS Data Breach? Only CloudVector Could Have Prevented A Data Exposure flaw at the United States Postal Service (USPS) website was disclosed last [...] api-breach, owasp-api1
API Threat Protection A Case For Securing API Actions. What Words Of Wisdom Two Thousand Years Ago Can Teach Us About APP Security October 02, 2018 — Lebin Cheng A Case For Securing API Actions. What Words Of Wisdom Two Thousand Years Ago Can Teach Us About APP Security Confucius taught us more than [...] api-breach, api-threat-protection, owasp-api1
