How a Broken Object Level Authorization Vulnerability Exposed Sensitive Data: API Security Report
To reduce the odds of being the next security incident news story, many organizations are taking steps to make sure that their APIs are not vulnerable to exposing personally identifiable information (PII). This blog will walk through the discovery of a Broken Object Level Authorization vulnerability (OWASP API1) by the ... Read More
How BOLA Vulnerabilities Can Expose Sensitive Data: API Security Report
New threat research for API security, this blog walks through the discovery of a Broken Object Level Authorization or BOLA vulnerability (OWASP API1) by the CQ Prime Threat Research Team that could be used to exfiltrate sensitive (customer) data. It’s well known that attackers can use stolen PII to apply ... Read More
